X Authentication Configuration Guidelines - Cisco Catalyst 3750-E Software Configuration Manual

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Table 10-4 Default 802.1x Authentication Configuration (continued)
Feature
Number of seconds between re-authentication
attempts
Re-authentication number
Quiet period
Retransmission time
Maximum retransmission number
Client timeout period
Authentication server timeout period
Guest VLAN
Inaccessible authentication bypass
Restricted VLAN
Authenticator (switch) mode
MAC authentication bypass

802.1x Authentication Configuration Guidelines

These section has configuration guidelines for these features:
•
•
•
•
802.1x Authentication
These are the 802.1x authentication configuration guidelines:
•
•
OL-9775-08
Default Setting
3600 seconds.
2 times (number of times that the switch restarts the authentication process
before the port changes to the unauthorized state).
60 seconds (number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client).
30 seconds (number of seconds that the switch should wait for a response to
an EAP request/identity frame from the client before resending the request).
2 times (number of times that the switch will send an EAP-request/identity
frame before restarting the authentication process).
30 seconds (when relaying a request from the authentication server to the
client, the amount of time the switch waits for a response before resending the
request to the client.)
30 seconds (when relaying a response from the client to the authentication
server, the amount of time the switch waits for a reply before resending the
response to the server.)
You can change this timeout period by using the dot1x timeout
server-timeout interface configuration command.
None specified.
Disabled.
None specified.
None specified.
Disabled.
802.1x Authentication, page 10-35
VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass,
page 10-37
MAC Authentication Bypass, page 10-37
Maximum Number of Allowed Devices Per Port, page 10-38
When 802.1x authentication is enabled, ports are authenticated before any other Layer 2 or Layer 3
features are enabled.
If you try to change the mode of an 802.1x-enabled port (for example, from access to trunk), an error
message appears, and the port mode is not changed.
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
Configuring 802.1x Authentication
10-35