Enabling Periodic Reauthentication - Cisco 7604 Configuration Manual

Configuring 802.1X Port-Based Authentication
•
•
•
You also need to configure some settings on the RADIUS server. These settings include the IP address
Note
of the router and the key string to be shared by both the server and the router. For more information, refer
to the RADIUS server documentation.
This example shows how to configure the RADIUS server parameters on the router:
Router# configure terminal
Router(config)# ip radius source-interface Vlan80
Router(config)# radius-server host 172.l20.39.46
Router(config)# radius-server key rad123
Router(config)# end

Enabling Periodic Reauthentication

You can enable periodic 802.1X client reauthentication and specify how often it occurs. If you do not
specify a time period before enabling reauthentication, the number of seconds between reauthentication
attempts is 3600.
Automatic 802.1X client reauthentication is a global setting and cannot be set for clients connected to
individual ports. To manually reauthenticate the client connected to a specific port, see the
Reauthenticating the Client Connected to a Port" section on page
To enable periodic reauthentication of the client and to configure the number of seconds between
reauthentication attempts, perform this task:
Command
Step 1
Router(config)# interface type
Step 2
Router(config-if)# dot1x reauthentication
Router(config-if)# no dot1x reauthentication
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
46-10
For key string, specify the authentication and encryption key used between the router and the
RADIUS daemon running on the RADIUS server. The key is a text string that must match the
encryption key used on the RADIUS server.
When you specify the key string, spaces within and at the end of the key are used. If you use spaces
in the key, do not enclose the key in quotation marks unless the quotation marks are part of the key.
This key must match the encryption used on the RADIUS daemon.
You can globally configure the timeout, retransmission, and encryption key values for all RADIUS
servers by using the radius-server host global configuration command. If you want to configure
these options on a per-server basis, use the radius-server timeout, radius-server retransmit, and
the radius-server key global configuration commands. For more information, refer to the Cisco IOS
Security Configuration Guide, Release 12.2, publication and the Cisco IOS Security Command
Reference, Release 12.2, publication at this URL:
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_installation_and_configuratio
n_guides_list.html
1
slot/port
Chapter 46 Configuring IEEE 802.1X Port-Based Authentication
46-11.
Purpose
Selects an interface to configure.
Enables periodic reauthentication of the client, which is
disabled by default.
Disables periodic reauthentication of the client.
"Manually
OL-4266-08