Managing 802.1x client reauthentication, Enabling and disabling 802.1x reauthentication – 3Com WX4400 3CRWX440095A User Manual

536

C

HAPTER

23: M

ANAGING

802.1X

ON

THE

WX S

WITCH

„

Supplicant timeout (configured by the set dot1x timeout supplicant
command)

„

RADIUS session-timeout attribute

If both of these timeouts are set, MSS uses the shorter of the two. If the
RADIUS session-timeout attribute is not set, MSS uses the timeout
specified by the set dot1x timeout supplicant command, by default 30
seconds.

Managing 802.1X
Client
Reauthentication

Reauthentication of 802.1X wireless supplicants (clients) is enabled on
the WX switch by default. By default, the WX switch waits 3600 seconds
(1 hour) between authentication attempts. You can disable
reauthentication or change the defaults.

You also can use the RADIUS session-timeout attribute to set the
reauthentication timeout for a specific client. In this case, MSS uses the
timeout that has the lower value. If the session-timeout is set to fewer
seconds than the global reauthentication timeout, MSS uses the
session-timeout for the client. However, if the global reauthentication
timeout is shorter than the session-timeout, MSS uses the global timeout
instead.

Enabling and

Disabling 802.1X

Reauthentication

The following command enables or disables the reauthentication of
supplicants (clients) by the WX switch:

set dot1x reauth {enable | disable}

Reauthentication is enabled by default.

Type the following command to reenable reauthentication of clients:

WX1200# set dot1x reauth enable
success: dot1x reauthentication enabled.

Setting the Maximum

Number of 802.1X

Reauthentication

Attempts

The following command sets the number of reauthentication attempts
that the WX switch makes before the supplicant (client) becomes
unauthorized:

set dot1x reauth-max number-of-attempts