Manually Re-Authenticating A Client Connected To A Port; Changing The Quiet Period; Changing The Switch-To-Client Retransmission Time - Cisco 2950 - Catalyst Switch Configuration Manual
Software configuration guide
Hide thumbs
Also See for 2950 - Catalyst Switch:
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages) ,
- Software manual (376 pages)
Table of Contents
Advertisement
Chapter 10
Configuring 802.1x Port-Based Authentication
Manually Re-Authenticating a Client Connected to a Port
You can manually re-authenticate the client connected to a specific port at any time by entering the dot1x
re-authenticate interface interface-id privileged EXEC command. This step is optional. If you want to
enable or disable periodic re-authentication, see the
page
This example shows how to manually re-authenticate the client connected to a port:
Switch# dot1x re-authenticate interface fastethernet0/1
Changing the Quiet Period
When the switch cannot authenticate the client, the switch remains idle for a set period of time, and then
tries again. The idle time is determined by the quiet-period value. A failed authentication of the client
might occur because the client provided an invalid password. You can provide a faster response time to
the user by entering a smaller number than the default.
Beginning in privileged EXEC mode, follow these steps to change the quiet period. This procedure is
optional.
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
dot1x timeout quiet-period seconds
Step 4
end
Step 5
show dot1x interface interface-id
Step 6
copy running-config startup-config
To return to the default quiet time, use the no dot1x timeout quiet-period interface configuration
command.
This example shows how to set the quiet time on the switch to 30 seconds:
Switch(config-if)# dot1x timeout quiet-period 30
Changing the Switch-to-Client Retransmission Time
The client responds to the EAP-request/identity frame from the switch with an EAP-response/identity
frame. If the switch does not receive this response, it waits a set period of time (known as the
retransmission time) and then resends the frame.
You should change the default value of this command only to adjust for unusual circumstances such as
Note
unreliable links or specific behavioral problems with certain clients and authentication servers.
78-11380-10
10-14.
Purpose
Enter global configuration mode.
Specify the interface to be configured, and enter interface configuration
mode.
Set the number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client.
The range is 1 to 65535 seconds; the default is 60.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
"Enabling Periodic Re-Authentication" section on
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Configuring 802.1x Authentication
10-15
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
