Table of Contents
Advertisement
To disable periodic re-authentication, use the no
configuration command. To return to the default number seconds between re-authentication attempts,
use the no dot1x timeout reauth-period interface configuration command.
Fig. 14–5 Example
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x reauth-period 4000
The re-authentication started by the switch is illustrated in 2.3.II.
14.3.10
Manually re-authenticating using the command line
You can manually re-authenticate the client connected to a specific port at any time by entering the
dot1x re-authenticate interface <interface-id> privileged EXEC command in a remote telnet
session on the switch or the web interface.
Fig. 14–6 Example
witch# dot1x re-authenticate interface fa0/3
S
14.3.11
Authentication Message Exchange
The following image illustrates the authentication message exchange between the client computer, the
switch and the RADIUS authentication server:
Fig. 14–7 Authentication Message Exchange Process
Shown in the first section (I) is the initial EAPOL start packet sent by the wpa_supplicant from the client
computer, starting the 802.1X authentication scheme. This occurs on following circumstances:
•
•
Section II illustrates the message exchange of the authentication. This occurs when:
•
•
194 802.1X – Technical Guideline
An instance of the wpa-supplicant started and running beginning
authentication.
The configured re-authentication period elapsed and the wpa-supplicant starts
re-authentication.
The client computer starts (re)-authentication; see section I above.
The configured re-auth period configured on the switch elapsed.
dot1x
re-authentication
interface
Advertisement
Table of Contents
Need help?
Do you have a question about the NG Network Access Client SP4 and is the answer not in the manual?