5-12
Configuring Port-Based Access Control (802.1x)
Configuring Switch Ports as 802.1x Authenticators
aaa port-access authenticator < port-list > (Syntax Continued)
[quiet-period < 0 .. 65535 > ]
Sets the period during which the port does not try to
acquire a supplicant. The period begins after the last
attempt auth orized by the max-requests parameter
fails (next page ). (Default: 60 seconds)
[ tx-period < 0 .. 65535 > ]
Sets the period the port waits to retrans mit the next
EAPOL PDU during an auth entication session.
(Default: 30 seconds)
[ supplicant-timeout < 1 - 300 > ]
Sets the period of time the switch waits for a supplicant
response to an EAP re quest. If the supplicant does not
respond within the configured time frame, the session
times out. (Default: 30 seconds)
[ server-timeout < 1 - 300 > ]
Sets the period of time the switch waits for a server
response to an authentication request. If the server
does not respond within the configured time frame, the
switch assumes that the authentication attempt has
timed out. Depending on the current max-requests set-
ting, the switch will either send a new request to the
server or end the authentication session. (Default: 30
seconds)
[ max-requests < 1 - 10 > ]
Sets the number of authentication attempts that must
time-out before authentication fails and the authentica
tion session ends. If you are using the Local authenti-
cation option, or are using RADIUS authentication
with only one host server, the switch will not start
another session until a client tries a new access
attempt. If you are using RADIUS authentication with
two or three host servers, the switch will open a session
with each server, in turn, until authentication occurs
or there are no more servers to try. During the quiet-
period (previous page), if any, you cannot reconfigure
this parameter. (Default: 2)
!FishSecurity.book Page 12 Thursday, October 10, 2002 9:19 PM