Advanced 802.1X Configuration; Specifying A Mandatory Authentication Domain For A Port - 3Com 4210 9-Port Configuration Manual

Operation
Set 802.1x timers
Enable the quiet-period
timer
As for the dot1x max-user command, if you execute it in system view without specifying the
interface-list argument, the command applies to all ports. You can also use this command in port
view. In this case, this command applies to the current port only and the interface-list argument is
not needed.
As for the configuration of 802.1x timers, the default values are recommended.

Advanced 802.1x Configuration

Advanced 802.1x configurations, as listed below, are all optional.

Specifying a Mandatory Authentication Domain for a Port

Configuration concerning CAMS, including multiple network adapters detecting, proxy detecting,
and so on.
Client version checking configuration
DHCP–triggered authentication
Guest VLAN configuration
802.1x re-authentication configuration
Configuration of the 802.1x re-authentication timer
You need to configure basic 802.1x functions before configuring the above 802.1x features.
Specifying a Mandatory Authentication Domain for a Port
By specifying a mandatory authentication domain for a port, you can implement a security control policy
for 802.1X users. That is, the system uses the mandatory authentication domain for authentication,
authorization, and accounting of all 802.1X users on the port, thus to prevent those users from using
other accounts to access the network.
Meanwhile, for EAP relay mode 802.1X authentication that uses certificates, the certificate of a user
determines the authentication domain of the user. However, you can specify different mandatory
authentication domains for different ports even if the user certificates are from the same certificate
Command
dot1x timer
{ handshake-period
handshake-period-value |
quiet-period
quiet-period-value |
server-timeout
server-timeout-value |
supp-timeout
supp-timeout-value |
tx-period tx-period-value |
ver-period ver-period-value }
dot1x quiet-period
1-15
Remarks
Optional
The settings of 802.1x timers are as
follows.
handshake-period-value: 15 seconds
quiet-period-value: 60 seconds
server-timeout-value: 100 seconds
supp-timeout-value: 30 seconds
tx-period-value: 30 seconds
ver-period-value: 30 seconds
Optional
By default, the quiet-period timer is
disabled.