beautypg.com

Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 331

background image

Multi-Service IronWare Security Configuration Guide

313

53-1003035-02

Configuring 802.1x port security

8

Specifying the number of EAP-request or
identity frame retransmissions

If the device does not receive a EAP-response or identity frame from a client, the device waits 30
seconds (or the amount of time specified with the timeout tx-period command), then retransmits
the EAP-request or identity frame. By default, the device retransmits the EAP-request or identity
frame a maximum of two times. If no EAP-response or identity frame is received from the client
after two EAP-request or identity frame retransmissions, the device restarts the authentication
process with the client.

You can optionally specify between 1 – 10 frame retransmissions. For example, to configure the
device to retransmit an EAP-request or identity frame to a client a maximum of three times, enter
the following command.

Brocade(config-dot1x)# maxreq 3

Syntax: maxreq value

Specifying a timeout for retransmission of messages
to the Authentication Server

When performing authentication, the device receives EAPOL frames from the client and passes the
messages on to the RADIUS server. The device expects a response from the RADIUS server within
30 seconds. If the RADIUS server does not send a response within 30 seconds, the device
retransmits the message to the RADIUS server. The time constraint for retransmission of messages
to the Authentication Server can be between 1 – 4294967295 seconds.

For the device, the possible values are: 1 - 4294967295.

For example, to configure the device to retransmit a message if the Authentication Server does not
respond within 45 seconds, enter the following command.

Brocade(config-dot1x)# servertimeout 45

Syntax: servertimeout seconds

Specifying a timeout for retransmission of
EAP-request frames to the client

Acting as an intermediary between the RADIUS Authentication Server and the client, the device
receives RADIUS messages from the RADIUS server, encapsulates them as EAPOL frames, and
sends them to the client. When the device relays an EAP-Request frame from the RADIUS server to
the client, it expects to receive a response from the client within 30 seconds. If the client does not
respond within the allotted time, the device retransmits the EAP-Request frame to the client. The
time constraint for retransmission of EAP-Request frames to the client can be between 1 –
4294967295 seconds.

For example, to configure the device to retransmit an EAP-Request frame if the client does not
respond within 45 seconds, enter the following command.

Brocade(config-dot1x)# supptimeout 45

Syntax: supptimeout seconds

See also other documents in the category Brocade Computer Accessories: