Setting Eap Retransmission Attempts; Managing 802.1X Client Reauthentication - D-Link DWS-1008 - AirPremier MobileLAN Switch Product Manual
8 port 10/100 wireless switch with power over ethernet
Hide thumbs
Also See for DWS-1008 - AirPremier MobileLAN Switch:
- Cli reference manual (531 pages) ,
- User manual (454 pages) ,
- Installation manual (17 pages)
Table of Contents
Advertisement
Setting EAP Retransmission Attempts
The following command sets the maximum number of times the switch retransmits an 802.1X-
encapsulated EAP request to the supplicant (client) before it times out the authentication session:
set dot1x max-req number-of-retransmissions
The default number of retransmissions is 2. You can specify from 0 to 10 retransmit attempts. For
example, type the following command to set the maximum number of retransmission attempts to 3:
DWS-1008# set dot1x max-req 3
success: dot1x max request set to 3.
To reset the number of retransmission attempts to the default setting, type the following command:
DWS-1008# clear dot1x max-req
success: change accepted.
Note: To support SSIDs that have both 802.1X and static WEP clients, MSS sends a maximum of two
ID requests, even if this parameter is set to a higher value. Setting the parameter to a higher value does
affect all other types of EAP messages.
The amount of time MSS waits before it retransmits an 802.1X-encapsulated EAP request to the
supplicant is the same number of seconds as one of the following timeouts:
• Supplicant timeout (configured by the set dot1x timeout supplicant command)
• RADIUS session-timeout attribute
If both of these timeouts are set, MSS uses the shorter of the two. If the RADIUS session-timeout
attribute is not set, MSS uses the timeout specified by the set dot1x timeout supplicant command,
by default 30 seconds.
Reauthentication of 802.1X wireless supplicants (clients) is enabled on the switch by default. By default,
the switch waits 3600 seconds (1 hour) between authentication attempts. You can disable reauthentication
or change the defaults.
Note: To support SSIDs that have both 802.1X and static WEP clients, MSS sends a maximum of two
ID requests, even if this parameter is set to a higher value. Setting the parameter to a higher value does
affect all other types of EAP messages.
Note: You also can use the RADIUS session-timeout attribute to set the reauthentication timeout for a
specific client. In this case, MSS uses the timeout that has the lower value. If the session-timeout is set
to fewer seconds than the global reauthentication timeout, MSS uses the session-timeout for the client.
However, if the global reauthentication timeout is shorter than the session-timeout, MSS uses the global
timeout instead.
D-Link DWS-1008 User Manual
Managing 802.1X Client
Reauthentication
1
Advertisement
Table of Contents
