Specifying A Mandatory Authentication Domain On A Port; Configuring The Quiet Timer - HPE FlexNetwork 5510 HI Series Security Configuration Manual

Step
interface view.
4. Enable
trigger.
Specifying a mandatory authentication domain on
a port
You can place all 802.1X users in a mandatory authentication domain for authentication,
authorization, and accounting on a port. No user can use an account in any other domain to access
the network through the port. The implementation of a mandatory authentication domain enhances
the flexibility of 802.1X access control deployment.
To specify a mandatory authentication domain for a port:
Step
1. Enter system view.
2. Enter
interface view.
3. Specify a mandatory 802.1X
authentication domain on the
port.

Configuring the quiet timer

The quiet timer enables the access device to wait a period of time before it can process any
authentication request from a client that has failed an 802.1X authentication.
You can edit the quiet timer, depending on the network conditions.
•
In a vulnerable network, set the quiet timer to a high value.
•
In a high-performance network with quick authentication response, set the quiet timer to a low
value.
To configure the quiet timer:
Step
1. Enter system view.
2. Enable the quiet timer.
3. (Optional.) Set the quiet
timer.
Command
interface-number
an authentication
dot1x
unicast-trigger }
Command
system-view
Layer 2 Ethernet
interface
interface-number
dot1x
domain-name
Command
system-view
dot1x quiet-period
dot1x
quiet-period-value
{ multicast-trigger
interface-type
mandatory-domain
timer quiet-period
86
Remarks
By default, the multicast trigger is
|
enabled, and the unicast trigger is
disabled.
Remarks
N/A
N/A
By default, no mandatory 802.1X
authentication domain
specified.
Remarks
N/A
By default, the timer is disabled.
The default is 60 seconds.
is