33
Configuring 802.1x port security
Configuring periodic re-authentication
You can configure the device to periodically re-authenticate Clients connected to 802.1x-enabled
interfaces. When you enable periodic re-authentication, the device re-authenticates Clients every
3,600 seconds by default. You can optionally specify a different re-authentication interval of
between 1 – 4294967295 seconds.
To configure periodic re-authentication using the default interval of 3,600 seconds, enter the
following command.
BigIron RX(config)#dot1x-enable
BigIron RX(config-dot1x)# re-authentication
Syntax: [no] re-authentication
To configure periodic re-authentication with an interval of 2,000 seconds, enter the following
commands.
BigIron RX(config)#dot1x-enable
BigIron RX(config-dot1x)# re-authentication
BigIron RX(config-dot1x)# timeout re-authperiod 2000
Syntax: [no] timeout re-authperiod <seconds>
The re-authentication interval is a global setting, applicable to all 802.1x-enabled interfaces. If you
want to re-authenticate Clients connected to a specific port manually, use the dot1x
re-authenticate command. See
Re-authenticating a port manually
When periodic re-authentication is enabled, by default the BigIron RX re-authenticates Clients
connected to an 802.1x-enabled interface every 3,600 seconds (or the time specified by the dot1x
timeout re-authperiod command). You can also manually re-authenticate Clients connected to a
specific port.
For example, to re-authenticate Clients connected to interface 3/1, enter the following command.
BigIron RX# dot1x re-authenticate e 3/1
Syntax: [no] dot1x re-authenticate <portnum>
968
•
Static MAC configurations
•
Link aggregation
•
Metro Ring Protocol (MRP)
•
Tagged port
•
Mirror port
•
Trunk port
•
MAC port security
•
Management Port
•
VE members
"Re-authenticating a port
manually", below.
BigIron RX Series Configuration Guide
53-1001810-01