Cisco Systems 2960 ユーザーズマニュアル
10-37
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
Default 802.1x Authentication Configuration
shows the default 802.1x authentication configuration.
Table 10-4
Default 802.1x Authentication Configuration
Feature
Default Setting
Switch 802.1x enable state
Disabled.
Per-port 802.1x enable state
Disabled (force-authorized).
The port sends and receives normal traffic without 802.1x-based
authentication of the client.
authentication of the client.
AAA Disabled.
RADIUS server
•
IP address
•
UDP authentication port
•
Key
•
None specified.
•
1812.
•
None specified.
Host mode
Single-host mode.
Control direction
Bidirectional control.
Periodic re-authentication
Disabled.
Number of seconds between
re-authentication attempts
re-authentication attempts
3600 seconds.
Re-authentication number
2 times (number of times that the switch restarts the authentication process
before the port changes to the unauthorized state).
before the port changes to the unauthorized state).
Quiet period
60 seconds (number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client).
following a failed authentication exchange with the client).
Retransmission time
30 seconds (number of seconds that the switch should wait for a response to an
EAP request/identity frame from the client before resending the request).
EAP request/identity frame from the client before resending the request).
Maximum retransmission number
2 times (number of times that the switch will send an EAP-request/identity
frame before restarting the authentication process).
frame before restarting the authentication process).
Client timeout period
30 seconds (when relaying a request from the authentication server to the
client, the amount of time the switch waits for a response before resending the
request to the client.)
client, the amount of time the switch waits for a response before resending the
request to the client.)
Authentication server timeout period
30 seconds (when relaying a response from the client to the authentication
server, the amount of time the switch waits for a reply before resending the
response to the server.)
server, the amount of time the switch waits for a reply before resending the
response to the server.)
You can change this timeout period by using the authentication timer server
or dot1x timeout server-timeout interface configuration command.
or dot1x timeout server-timeout interface configuration command.
Inactivity timeout
Disabled.
Guest VLAN
None specified.
Inaccessible authentication bypass
Disabled.
Restricted VLAN
None specified.
Authenticator (switch) mode
None specified.