The network device uses the following 802.1X timers:
•
Handshake timer (handshake-period)—Sets the interval at which the access device sends client
handshake requests to check the online status of a client that has passed authentication. If the
device receives no response after sending the maximum number of handshake requests, it considers
that the client has logged off.
Quiet timer (quiet-period)—Starts when a client fails authentication. The access device must wait
•
the time period before it can process the authentication attempts from the client.
Periodic re-authentication timer (reauth-period)—Sets the interval at which the network device
•
periodically re-authenticates online 802.1X users. To enable periodic online user re-authentication
on a port, use the dot1x re-authenticate command. The change to the periodic re-authentication
timer applies to the users that have been online only after the old timer expires.
•
Server timeout timer (server-timeout)—Starts when the access device sends a RADIUS
Access-Request packet to the authentication server. If no response is received when this timer
expires, the access device retransmits the request to the server.
Client timeout timer (supp-timeout)—Starts when the access device sends an EAP-Request/MD5
•
Challenge packet to a client. If no response is received when this timer expires, the access device
retransmits the request to the client.
Username request timeout timer (tx-period)—Starts when the device sends an EAP-Request/Identity
•
packet to a client in response to an authentication request. If the device receives no response before
this timer expires, it retransmits the request. The timer also sets the interval at which the network
device sends multicast EAP-Request/Identity packets to detect clients that cannot actively request
authentication.
Related commands: display dot1x.
Examples
# Set the server timeout timer to 150 seconds.
<Sysname> system-view
[Sysname] dot1x timer server-timeout 150
dot1x unicast-trigger
Syntax
dot1x unicast-trigger
undo dot1x unicast-trigger
View
Ethernet interface view
Default level
2: System level
Parameters
None
Description
Use dot1x unicast-trigger to enable the 802.1X unicast trigger function.
Use undo dot1x unicast-trigger to disable the function.
By default, the unicast trigger function is disabled.
110