Alcatel-Lucent 7210 SAS E OS Configuration Manual page 37

Hide thumbs Also See for 7210 SAS E OS:

Service manual (952 pages)

Configuration manual (558 pages)

Quality of service manual (404 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

page of 174

/ 174
Contents
Table of Contents
Bookmarks

Table of Contents

802.1x Timers

The 802.1x authentication procedure is controlled by a number of configurable timers and scalars.

There are two separate sets, one for the EAPOL message exchange and one for the RADIUS

message exchange.

EAPOL timers:

•

RADIUS timer and scaler:

•

The router can also be configured to periodically trigger the authentication procedure

automatically. This is controlled by the enable re-authentication and reauth-period parameters.

Reauth-period indicates the period in seconds (since the last time that the authorization state was

confirmed) before a new authentication procedure is started. The range of reauth-period is 1 —

9000 seconds (the default is 3600 seconds, one hour). Note that the port stays in an authorized

state during the re-authentication procedure.

7210 SAS E Interface Configuration Guide

— Indicates how many seconds the Authenticator will listen for an EAP-

transit-period

Response/ID frame. If the timer expires, a new EAP-Request/ID frame will be sent and

the timer restarted. The default value is 60. The range is 1-3600 seconds.

— This timer is started at the beginning of a new authentication

supplicant-timeout

procedure (transmission of first EAP-Request/ID frame). If the timer expires before an

EAP-Response/ID frame is received, the 802.1x authentication session is considered as

having failed. The default value is 30. The range is 1 — 300.

— Indicates number of seconds between authentication sessions It is started

quiet-period

after logoff, after sending an EAP-Failure message or after expiry of the supplicant-

timeout timer. The default value is 60. The range is 1 — 3600.

— Indicates the maximum number of times that the router will send an

max-auth-req

authentication request to the RADIUS server before the procedure is considered as having

failed. The default value is value 2. The range is 1 — 10.

— Indicates how many seconds the authenticator will wait for a RADIUS

server-timeout

response message. If the timer expires, the access request message is sent again, up to

max-auth-req times. The default value is 60. The range is 1 — 3600 seconds.

Interface Configuration

Page 37

Table of Contents

Alcatel-Lucent 7210 SAS E OS Configuration Manual page 37

Related Manuals for Alcatel-Lucent 7210 SAS E OS

Related Products for Alcatel-Lucent 7210 SAS E OS

Table of Contents