3com S7906E Verweisanleitung
1-16
Or
<Sysname> system-view
[Sysname] dot1x supp-proxy-check trap
[Sysname] interface GigabitEthernet 2/0/9
[Sysname-GigabitEthernet2/0/9] dot1x supp-proxy-check trap
dot1x timer
Syntax
dot1x timer { handshake-period handshake-period-value | quiet-period quiet-period-value |
server-timeout server-timeout-value | supp-timeout supp-timeout-value | tx-period tx-period-value }
undo dot1x timer { handshake-period | quiet-period | server-timeout | supp-timeout | tx-period }
View
System view
Default Level
2: System level
Parameters
handshake-period-value: Setting for the handshake timer in seconds. It ranges from 5 to 1024 and
defaults to 15.
quiet-period-value: Setting for the quiet timer in seconds. It ranges from 10 to 120 and defaults to 60.
server-timeout-value: Setting for the server timeout timer in seconds. It ranges from 100 to 300 and
defaults to 100.
supp-timeout-value: Setting for the supplicant timeout timer in seconds. It ranges from 10 to 120 and
defaults to 30.
tx-period-value: Setting for the username request timeout timer in seconds. It ranges from 10 to 120 and
defaults to 30.
Description
Use the dot1x timer command to set 802.1X timers.
Use the undo dot1x timer command to restore the defaults.
Several timers are used in the 802.1X authentication process to guarantee that the supplicants, the
authenticators, and the RADIUS server interact with each other in a reasonable manner. You can use
this command to set these timers:
z
Handshake timer (handshake-period): After a supplicant passes authentication, the authenticator
sends to the supplicant handshake requests at this interval to check whether the supplicant is
online. If the authenticator receives no response after sending the allowed maximum number of
handshake requests, it considers that the supplicant is offline.
z
Quiet timer (quiet-period): When a supplicant fails the authentication, the authenticator refuses
further authentication requests from the supplicant in this period of time.
z
Server timeout timer (server-timeout): Once an authenticator sends a RADIUS Access-Request
packet to the authentication server, it starts this timer. If this timer expires but it receives no
response from the server, it retransmits the request.