Handshake timer (handshake-period)—Sets the interval at which the access device sends client
•
handshake requests to check the online status of a client that has passed authentication. If the
device receives no response after sending the maximum number of handshake requests, it considers
that the client has logged off.
Quiet timer (quiet-period)—Starts when a client fails authentication. The access device must wait the
•
time period before it can process the authentication attempts from the client.
Periodic re-authentication timer (reauth-period)—Sets the interval at which the network device
•
periodically re-authenticates online 802.1X users.
Set the client timeout timer to a high value in a low-performance network, set the quiet timer to a high
value in a vulnerable network or a low value for quicker authentication response, or adjust the server
timeout timer to adapt to the performance of different authentication servers. In most cases, the default
settings are sufficient.
To set the 802.1X timers:
To do...
Command...
1.
Enter system
system-view
view.
dot1x timer { handshake-
period handshake-period-
value | quiet-period quiet-
period-value | reauth-
2.
Set the
period reauth-period-value
802.1X
| server-timeout server-
timers.
timeout-value | supp-
timeout supp-timeout-value
| tx-period tx-period- value
}
Remarks
—
Optional.
The 802.1X timers take the following default values:
•
15 seconds for the handshake timer
•
60 seconds for the quiet timer
•
3600 seconds for the periodic re-authentication timer
•
100 seconds for the server timeout timer
•
30 seconds for the client timeout timer
•
30 seconds for the username request timeout timer
86