Table of Contents
Advertisement
Configuring IEEE 802.1x Port-Based Authentication
How to Configure IEEE 802.1x Port-Based Authentication
Command
6.
end
7.
show authentication interface
interface-id
8.
copy running-config startup-config
Configuring Periodic Reauthentication
You can enable periodic 802.1x client reauthentication and specify how often it occurs. If you do not specify a time period
before enabling reauthentication, the number of seconds between attempts is 3600. Beginning in privileged EXEC mode,
follow these steps to enable periodic reauthentication of the client and to configure the number of seconds between
reauthentication attempts. This procedure is optional.
Command
1.
configure terminal
2.
interface interface-id
3.
authentication periodic
4.
authentication timer {{[inactivity |
reauthenticate]} {restart value}}
5.
authentication timer reauthenticate
seconds
6.
end
7.
show authentication interface
interface-id
8.
copy running-config startup-config
Purpose
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Saves your entries in the configuration file.
Purpose
Enters global configuration mode.
Specifies the port to be configured, and enter interface configuration
mode.
Enables periodic reauthentication of the client, which is disabled by
default.
Note:
The default value is 3600 seconds. To change the value of the
reauthentication timer or to have the switch use a RADIUS-provided
session timeout, enter the authentication timer reauthenticate
command.
Sets the number of seconds between reauthentication attempts.
inactivity—Interval in seconds after which if there is no activity from
the client then it is unauthorized
reauthenticate—Time in seconds after which an automatic
reauthentication attempt is be initiated.
restart value—Interval in seconds after which an attempt is made to
authenticate an unauthorized port.
This command affects the behavior of the switch only if periodic
reauthentication is enabled.
Sets the number of seconds that the switch waits for a response to an
EAP-request/identity frame from the client before resending the request.
The range is 1 to 65535 seconds; the default is 5.
Note:
You should change the default value of this command only to
adjust for unusual circumstances such as unreliable links or specific
behavioral problems with certain clients and authentication servers.
Returns to privileged EXEC mode.
Verifies your entries.
(Optional) Save your entries in the configuration file.
223
- Quick Links:
- Configuration Overview
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
