Configuring the online user handshake function – H3C Technologies H3C S7500E Series Switches User Manual

5-18

To do…

Use the command…

Remarks

Enter system view

system-view

—

Set 802.1X timers

dot1x timer { handshake-period

handshake-period-value |

quiet-period quiet-period-value |

reauth-period reauth-period-value

| server-timeout

server-timeout-value |

supp-timeout supp-timeout-value

| tx-period tx-period-value }

Optional

The defaults are as follows:

z

15 seconds for the handshake timer,

z

60 seconds for the quiet timer,

z

3600 seconds for the periodic

re-authentication timer,

z

100 seconds for the server timeout

timer,

z

30 seconds for the client timeout

timer, and

z

30 seconds for the username

request timeout timer.

802.1X timers only need to be changed in special or extreme network environments. For

example, you can give the client timeout timer a higher value in a low-performance network,

give the quiet timer a higher value in a vulnerable network or a lower value for quicker

authentication response, or adjust the server timeout timer to suit the performance of different

authentication servers.

Configuring the Online User Handshake Function

The online user handshake function allows the device to send handshake messages to online

users to check whether the users are still online at the interval specified by the dot1x timer

handshake-period command. If the device does not receive any response from an online user

after the device has sent the handshake packet for the maximum number of times, which is set

by the dot1x retry command, the device will set the user state to offline.

Follow these steps to configure the online user handshake function:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter Ethernet interface view

interface interface-type

interface-number

—

Enable the online handshake

function

dot1x handshake

Optional

Enabled by default