Enabling the multicast trigger function, Enabling the quiet timer – H3C Technologies H3C S5120 Series Switches User Manual

1-16

z

You need to disable proxy detection before disabling the online user handshake function.

z

Some 802.1X clients do not support exchanging handshake packets with the device. In this case,

you need to disable the online user handshake function on the device; otherwise the device will

tear down the connections with such online users for not receiving handshake responses.

Enabling the Multicast Trigger Function

With the 802.1X multicast trigger function enabled, a port will periodically send multicast messages to

clients to initiate authentication. This function is used for clients that cannot initiate authentication

unsolicitedly.

Follow these steps to configure the multicast trigger function:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter Ethernet interface view

interface interface-type
interface-number

—

Enable the multicast trigger
function

dot1x multicast-trigger

Optional

Enabled by default

Specifying a Mandatory Authentication Domain for a Port

With a mandatory authentication domain specified for a port, the system uses the mandatory

authentication domain for authentication, authorization, and accounting of all 802.1X users on the port.

Follow these steps to specify a mandatory authentication domain for a port:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enter Ethernet interface view

interface interface-type
interface-number

—

Specify a mandatory
authentication domain for the
port

dot1x mandatory-domain
domain-name

Required

Not specified by default

Enabling the Quiet Timer

After the quiet timer is enabled on the device, when a client fails 802.1X authentication, the device

refuses further authentication requests from the client in a period of time, which is specified by the quiet

timer (using the dot1x timer quiet-period command).

Follow these steps to enable the quiet timer: