29-14
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
Chapter 29 Understanding and Configuring 802.1X Port-Based Authentication
How to Configure 802.1X
• Configuring RADIUS-Provided Session Timeouts, page 29-19 (optional)
• Configuring 802.1X with Guest VLANs, page 29-20 (optional)
• Configuring 802.1X with Authentication Failed VLAN Assignment, page 29-22 (optional)
• Configuring 802.1X with Voice VLAN, page 29-24 (optional)
• Enabling Periodic Reauthentication, page 29-24 (optional)
• Manually Reauthenticating a Client Connected to a Port, page 29-25 (optional)
• Changing the Quiet Period, page 29-25 (optional)
• Changing the Switch-to-Client Retransmission Time, page 29-26 (optional)
• Setting the Switch-to-Client Frame-Retransmission Number, page 29-27 (optional)
• Enabling Multiple Hosts, page 29-27 (optional)
• Resetting the 802.1X Configuration to the Default Values, page 29-28 (optional)
Default 802.1X Configuration
Table 29-1 shows the default 802.1X configuration.
Table 29-1 Default 802.1X Configuration
Feature Default Setting
Authentication, authorization, and accounting (AAA) Disabled
RADIUS server
• IP address
• UDP authentication port
• Key
• None specified
• 1812
• None specified
Per-interface 802.1X protocol enable state Disabled (force-authorized)
The port transmits and receives normal traffic without
802.1X-based authentication of the client.
Periodic reauthentication Disabled
Time between reauthentication attempts 3600 sec
Quiet period 60 sec
Number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client.
Retransmission time 30 sec
Number of seconds that the switch should wait for a response to an
EAP request/identity frame from the client before retransmitting the
request.
Maximum retransmission number 2
Number of times that the switch will send an EAP-request/identity
frame before restarting the authentication process.
Multiple host support Disabled
