Nortel 2350 Reference Manual page 291

Configuring Authentication, Authorization, and Accounting Parameters 291
5 To specify the number of seconds before the WSS times out an authentication session with an
802.1X client (supplicant), specify the timeout value (1 to 65,535 seconds) in the Supplicant
Timeout box. The default is 30 seconds.
6
To specify the number of seconds before the WSS times out a request to an authentication
server, specify the timeout value (1 to 65,535 seconds) in the Authentication Server Timeout
box. The default is 30 seconds.
7
To set the maximum number of times the WSS retransmits an EAP request to the client before
timing out the authentication session, specify the value (0 to 10) in the Maximum Requests
box. The default is 2 attempts.
Note. To support SSIDs that have both 802.1X and static WEP clients, WSS
Software sends a maximum of two ID requests, even if this parameter is set to a
higher value. Setting the parameter to a higher value does affect all other types of
EAP messages.
8
To enable encryption key information to be sent to the client after authentication in EAPoL-Key
PDUs, select Key Transmit.
The WSS sends EAPoL key messages after successfully authenticating the client and receiving
authorization attributes for the client. If the client is using dynamic Wired-Equivalent Privacy
protocol (WEP), the EAPoL key messages are sent immediately after authorization.
To disable this option, clear Key Transmit. By default, this option is enabled.
9
To enable reauthentication of 802.1X clients, select Reauthentication.
To disable reauthentication, clear Reauthentication. By default, reauthentication is enabled.
10 To specify the number of reauthentication requests the WSS attempts before a client becomes
unauthorized, specify the value (1 to 10) in the Reauthentication Attempts box. The default is 2
attempts.
Note. If the number of reauthentications for a wired authentication client is greater
than the maximum number of reauthentications allowed, WSS Software sends an
EAP failure packet to the client and removes the client from the network. However,
WSS Software does not remove a wireless client from the network under these
circumstances.
11 To specify the number of seconds before reauthentication is attempted, specify the timeout
value, from 60 to 1,641,600 seconds (19 days), in the Reauthentication Period box. The default
is 3600 seconds (one hour).
WSS Software reauthenticates dynamic WEP clients based on the reauthentication timer. WSS
Software also reauthenticates WPA clients if the clients use the WEP-40 or WEP-104 cipher.
For each dynamic WEP client or WPA client using a WEP cipher, the reauthentication timer is
set to the lesser of the global setting or the value returned by the AAA server with the rest of the
authorization attributes for that client.
12 To enable WEP key rolling (rotation) of the broadcast and multicast WEP keys, select WEP
Key Rolling.
Nortel WLAN—Management Software 2300 Series Reference Guide