85
Configuration procedure
To configure the online user handshake feature:
1. Enter system view.
system-view
N/A
2. (Optional.)
handshake timer.
dot1x timer
handshake-period
handshake-period-value
The default is 15 seconds.
3. Enter Layer 2 Ethernet
interface view.
interface
interface-type
N/A
4. Enable the online handshake
feature.
dot1x handshake
By default, the feature is enabled.
5. (Optional.) Enable the online
user
feature.
dot1x handshake secure
By default, the feature is disabled.
6. (Optional.) Enable the
802.1X
handshake reply feature.
dot1x handshake reply enable
By default, the device does not
reply to 802.1X clients'
EAP-
Response/Identity packets
during the online handshake
process.
This command is available in
Release 1121 and later.
Configuring the authentication trigger feature
The authentication trigger feature enables the access device to initiate 802.1X authentication when
802.1X clients cannot initiate authentication.
This feature provides the multicast trigger and unicast trigger (see 802.1X authentication initiation in
"802.1X overview").
Configuration guidelines
When you configure the authentication trigger feature, follow these guidelines:
• Enable the multicast trigger on a port when the clients attached to the port cannot send
EAPOL-Start packets to initiate 802.1X authentication.
• Enable the unicast trigger on a port if only a few 802.1X clients are attached to the port and
these clients cannot initiate authentication.
• To avoid duplicate authentication packets, do not enable both triggers on a port.
Configuration procedure
To configure the authentication trigger feature on a port:
1. Enter system view.
system-view
N/A
2. (Optional.) Set the username
request timeout timer.
dot1x timer tx-period
tx-period-value
The default is 30 seconds.
3. Enter Layer 2 Ethernet
N/A
To Next Page
Loading...
