Allied Telesis AT-S63 User Manual
Page 641

AT-S63 Management Software Command Line User’s Guide
Section VIII: Port Security
641
the switch or the switch is reset or power 
cycled.
reauthperiod
Enables periodic reauthentication of the client, which is
disabled by default. The default value is 3600 seconds. 
The range is 1 to 65,535 seconds.
supptimeout
Sets the switch-to-client retransmission time for the
EAP-request frame. The default value for this 
parameter is 30 seconds. The range is 1 to 600 
seconds.
servertimeout or Sets the timer used by the switch to determine
servtimeout
authentication server timeout conditions. The default
value is 30 seconds. The range is 1 to 600 seconds. 
The parameters are equivalent. 
maxreq
Specifies the maximum number of times that the switch
retransmits an EAP Request packet to the client before 
it times out the authentication session. The range is 1 to 
10 retransmissions and the default is 2.
ctrldirboth
Specifies how the port is to handle ingress and egress
broadcast and multicast packets when in the 
unauthorized state.
When a port is set to the authenticator role, it remains in 
the unauthorized state until a client is authenticated by 
the authentication server. In the unauthorized state, the 
port accepts only EAP packets from the client. All other 
ingress packets the port might receive from the 
supplicant, including multicast and broadcast traffic, are 
discarded until the supplicant has been authenticated.
You can use this selection to control how an
authenticator port handles egress broadcast and 
multicast traffic when in the unauthorized state. You 
can instruct the port to forward this traffic to the client, 
even though the client has not logged on, or you can 
have the port discard the traffic.
The options are:
ingress
An authenticator port, when in the
unauthorized state, discards all ingress 
broadcast and multicast packets from the 
client while forwarding all egress 
broadcast and multicast traffic to the same 
client. This is the default setting.
