Cisco Systems 2960 Manual De Usuario

10-51

Catalyst 2960 and 2960-S Switch Software Configuration Guide

OL-8603-09

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring 802.1x Authentication

Beginning in privileged EXEC mode, follow these steps to set the switch-to-client frame-retransmission
number. This procedure is optional.

To return to the default retransmission number, use the no dot1x max-req interface configuration
command.

This example shows how to set 5 as the number of times that the switch sends an EAP-request/identity
request before restarting the authentication process:

Switch(config-if)# dot1x max-req 5

Setting the Re-Authentication Number

You can also change the number of times that the switch restarts the authentication process before the
port changes to the unauthorized state.

Note

You should change the default value of this command only to adjust for unusual circumstances such as
unreliable links or specific behavioral problems with certain clients and authentication servers.

Beginning in privileged EXEC mode, follow these steps to set the re-authentication number. This
procedure is optional.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Specify the port to be configured, and enter interface configuration mode.

Step 3

dot1x max-reauth-req count

Set the number of times that the switch sends an EAP-request/identity
frame to the client before restarting the authentication process. The range
is 1 to 10; the default is 2.

Step 4

end

Return to privileged EXEC mode.

Step 5

show authentication interface
interface-id

show dot1x interface interface-id

Verify your entries.

Step 6

copy running-config startup-config

(Optional) Save your entries in the configuration file.