Interface Configuration Guide 7705 SAR Interfaces
Edition: 01 3HE 11011 AAAC TQZZA 389
max-auth-req
Syntax max-auth-req max-auth-request
no max-auth-req
Context config>port>ethernet>dot1x
Description This command configures the maximum number of times that the 7705 SAR will send an
access request RADIUS message to the RADIUS server. If a reply is not received from the
RADIUS server after the specified number of attempts, the 802.1x authentication process is
considered to have failed.
The no form of this command returns the value to the default.
Default 2
Parameters max-auth-req — the maximum number of RADIUS retries
Values 1 to 10
port-control
Syntax port-control {auto | force-auth | force-unauth}
no port-control
Context config>port>ethernet>dot1x
Description This command configures the 802.1x authentication mode.
The no form of this command returns the value to the default.
Default force-auth
Parameters auto — enables 802.1x authentication. The port starts in the unauthorized state, allowing
only EAPOL frames to be sent and received through the port. Both the 7705 SAR and
the host (supplicant) can initiate an authentication process. The port will remain in the
unauthorized state until the first supplicant is authenticated successfully. After this,
traffic is allowed on the port for all connected hosts.
force-auth — disables 802.1x authentication and causes the port to transition to the
authorized state without requiring any authentication exchange. The port transmits
and receives normal traffic without requiring 802.1x-based host authentication.
force-unauth — causes the port to remain in the unauthorized state, ignoring all
attempts by the hosts to authenticate. The authenticator cannot provide
authentication services to the host through the interface.
To Next Page
Loading...
