113
 Quiet timer (quiet-period)—Starts when a client fails authentication. The access device must wait the
time period before it can process the authentication attempts from the client.
 Periodic re-authentication timer (reauth-period)—Sets the interval at which the network device
periodically re-authenticates online 802.1X users. To enable periodic online user re-authentication on
a port, use the dot1x re-authenticate command. If you change the periodic re-authentication timer
when users are online, the new timer does not apply to online users until the previous timer expires.
 Server timeout timer (server-timeout)—Starts when the access device sends a RADIUS Access-
Request packet to the authentication server. If no response is received when this timer expires, the
access device retransmits the request to the server.
 Client timeout timer (supp-timeout)—Starts when the access device sends an EAP-Request/MD5
Challenge packet to a client. If no response is received when this timer expires, the access device
retransmits the request to the client.
 Username request timeout timer (tx-period)—Starts when the device sends an EAP-Request/Identity
packet to a client in response to an authentication request. If the device receives no response before
this timer expires, it retransmits the request. The timer also sets the interval at which the network
device sends multicast EAP-Request/Identity packets to detect clients that cannot actively request
authentication.
Related commands: display dot1x.
Examples
# Set the server timeout timer to 150 seconds.
<Sysname> system-view
[Sysname] dot1x timer server-timeout 150
dot1x unicast-trigger
Syntax
dot1x unicast-trigger
undo dot1x unicast-trigger
View
Layer 2 Ethernet interface view
Default level
2: System level
Parameters
None
Description
Use the dot1x unicast-trigger command to enable the 802.1X unicast trigger function.
Use the undo dot1x unicast-trigger command to disable the function.
By default, the unicast trigger function is disabled.
The unicast trigger function enables the network device to initiate 802.1X authentication when it receives
a data frame from an unknown source MAC address. The device resends the packet if it receives no
response within a period of time (set with the dot1x timer supp-timeout command). This process continues
until the maximum number of retries (set with the dot1x retry command) is reached.
To Next Page
Loading...
Need help?
General
