beautypg.com

Configuring periodic re-authentication – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 329

background image

Multi-Service IronWare Security Configuration Guide

311

53-1003035-02

Configuring 802.1x port security

8

When an interface’s control type is set to auto, its controlled port is initially set to unauthorized, but
is changed to authorized when the connecting client is successfully authenticated by an
Authentication Server.

The port control type can be one of the following:

force-authorized – The port’s controlled port is placed unconditionally in the authorized state,
allowing all traffic. This is the default state for ports on the device. Also, this parameter allows
connection from multiple clients.

force-unauthorized – The controlled port is placed unconditionally in the unauthorized state.

auto – The controlled port is unauthorized until authentication takes place between the client and
Authentication Server. Once the client passes authentication, the port becomes authorized. This
has the effect of activating authentication on an 802.1x-enabled interface.

Notes
You cannot enable 802.1x port security on ports that have any of the following features enabled:

Static MAC configurations

Link aggregation

Metro Ring Protocol (Brocade MRP)

Tagged port

Mirror port

LAG port

MAC port security

Management Port

VE members

Configuring periodic re-authentication

You can configure the device to periodically re-authenticate clients connected to 802.1x-enabled
interfaces. When you enable periodic re-authentication, the device re-authenticates clients every
3,600 seconds by default. You can optionally specify a different re-authentication interval of
between 1 – 4294967295 seconds.

To configure periodic re-authentication using the default interval of 3,600 seconds, enter the
following command.

Brocade(config)#dot1x-enable

Brocade(config-dot1x)# re-authentication

Syntax: [no] re-authentication

To configure periodic re-authentication with an interval of 2,000 seconds, enter the following
commands.

Brocade(config)#dot1x-enable

Brocade(config-dot1x)# re-authentication

Brocade(config-dot1x)# timeout re-authperiod 2000

Syntax: [no] timeout re-authperiod seconds

See also other documents in the category Brocade Computer Accessories: