Cisco Systems WSC4500X16SFP Manual

A SERVICE OF

next previous

29-26

Software Configuration Guide—Release 12.2(25)SG

OL-7659-03

Chapter 29 Understanding and Configuring 802.1X Port-Based Authentication

How to Configure 802.1X

To return to the default quiet-period, use the no dot1x timeout quiet-period configuration command.

This example shows how to set the quiet-period on the switch to 30 seconds:

Switch(config)# dot1x timeout quiet-period 30

Changing the Switch-to-Client Retransmission Time

The client responds to the EAP-request/identity frame from the switch with an EAP-response/identity

frame. If the switch does not receive this response, it waits a set period of time (known as the

retransmission time) and then retransmits the frame.

Note You should change the default value of this command only to adjust for unusual circumstances, such as

unreliable links or specific behavioral problems with certain clients and authentication servers.

To change the amount of time that the switch waits for client notification, perform this task:

To return to the default retransmission time, use the no dot1x timeout tx-period interface configuration

command.

This example shows how to set the retransmission time to 60 seconds:

Switch(config)# dot1x timeout tx-period 60

Step 3

Switch(config)# dot1x timeout

quiet-period

seconds

Sets the number of seconds that the switch remains in the quiet-period

following a failed authentication exchange with the client.

The range is 0 to 65,535 seconds; the default is 60.

Step 4

Switch(config)# end

Returns to privileged EXEC mode.

Step 5

Switch# show dot1x all

Verifies your entries.

Step 6

Switch# copy running-config

startup-config

(Optional) Saves your entries in the configuration file.

Command Purpose

Command Purpose

Step 1

Switch# configure terminal

Enters global configuration mode.

Step 2

Switch(config)# interface

interface-id

Enters interface configuration mode and specifies the interface to be

enabled for timeout tx-period.

Step 3

Switch(config-if)# dot1x timeout

tx-period

seconds

Sets the number of seconds that the switch waits for a response to an

EAP-request/identity frame from the client before retransmitting the

request.

The range is 1 to 65,535 seconds; the default is 30.

Step 4

Switch(config)# end

Returns to privileged EXEC mode.

Step 5

Switch# show dot1x all

Verifies your entries.

Step 6

Switch# copy running-config

startup-config

(Optional) Saves your entries in the configuration file.