802.1X Implementation On An S3600 Series Switch - H3C S3600 Series Operation Manual
Hide thumbs
Also See for S3600 Series:
- Command manual (1277 pages) ,
- Operation manual (966 pages) ,
- Installation manual (98 pages)
Table of Contents
Advertisement
Operation Manual – 802.1x
H3C S3600 Series Ethernet Switches-Release 1510
considered offline when the switch does not receive response packets from it in a
period N times of the handshake-period.
Quiet-period timer (quiet-period). This timer sets the quiet-period. When a
supplicant system fails to pass the authentication, the switch quiets for the set
period (set by the quiet-period timer) before it processes another authentication
request re-initiated by the supplicant system.
RADIUS server timer (server-timeout). This timer sets the server-timeout period.
After sending an authentication request packet to the RADIUS server, a switch
sends another authentication request packet if it does not receive the response
from the RADIUS server when this timer times out.
Supplicant system timer (supp-timeout). This timer sets the supp-timeout period
and is triggered by the switch after the switch sends a request/challenge packet to
a supplicant system. The switch sends another request/challenge packet to the
supplicant system if the switch does not receive the response from the supplicant
system when this timer times out.
Transmission timer (tx-period). This timer sets the tx-period and is triggered by
the switch in two cases. The first case is when the client requests for
authentication. The switch sends a unicast request/identity packet to a supplicant
system and then triggers the transmission timer. The switch sends another
request/identity packet to the supplicant system if it does not receive the reply
packet from the supplicant system when this timer times out. The second case is
when the switch authenticates the 802.1x client who cannot request for
authentication actively. The switch sends multicast request/identity packets
periodically through the port enabled with 802.1x function. In this case, this timer
sets the interval to send the multicast request/identity packets.
Client version request timer (ver-period). This timer sets the version period and is
triggered after a switch sends a version request packet. The switch sends another
version request packet if it does receive version response packets from the
supplicant system when the timer expires.
1.1.6 802.1x Implementation on an S3600 Series Switch
In addition to the earlier mentioned 802.1x features, an S3600 series switch is also
capable of the following:
Checking supplicant systems for proxies, multiple network adapters, and so on
(This function needs the cooperation of a CAMS server.)
Checking client version
The Guest VLAN function
I. Checking the supplicant system
An S3600 series switch checks:
Supplicant systems logging on through proxies
1-10
Chapter 1 802.1x Configuration
Advertisement
Table of Contents
