Cisco Systems 2960 Manual De Usuario
10-48
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
Configuring Periodic Re-Authentication
You can enable periodic 802.1x client re-authentication and specify how often it occurs. If you do not
specify a time period before enabling re-authentication, the number of seconds between attempts
is 3600.
specify a time period before enabling re-authentication, the number of seconds between attempts
is 3600.
Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts. This procedure is optional.
and to configure the number of seconds between re-authentication attempts. This procedure is optional.
To disable periodic re-authentication, use the no authentication periodic or the no dot1x
reauthentication interface configuration command. To return to the default number of seconds between
re-authentication attempts, use the no authentication timer or the no dot1x timeout reauth-period
interface configuration command.
reauthentication interface configuration command. To return to the default number of seconds between
re-authentication attempts, use the no authentication timer or the no dot1x timeout reauth-period
interface configuration command.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
interface interface-id
Specify the port to be configured, and enter interface configuration mode.
Step 3
authentication periodic
or
dot1x reauthentication
Enable periodic re-authentication of the client, which is disabled by
default.
default.
Step 4
authentication timer {{[inactivity |
reauthenticate]} {restart value}}
reauthenticate]} {restart value}}
or
dot1x timeout reauth-period {seconds |
server}
server}
Set the number of seconds between re-authentication attempts.
The authentication timer keywords have these meanings:
•
inactivity—Interval in seconds after which if there is no activity from
the client then it is unauthorized
the client then it is unauthorized
•
reauthenticate—Time in seconds after which an automatic
re-authentication attempt is be initiated
re-authentication attempt is be initiated
•
restart value—Interval in seconds after which an attempt is made to
authenticate an unauthorized port
authenticate an unauthorized port
The dot1x timeout reauth-period keywords have these meanings:
•
seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.
3600 seconds.
•
server—Sets the number of seconds based on the value of the
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
re-authentication is enabled.
Step 5
end
Return to privileged EXEC mode.
Step 6
show authentication interface-id
or
show dot1x interface interface-id
Verify your entries.
Step 7
copy running-config startup-config
(Optional) Save your entries in the configuration file.