Alcatel-Lucent 6850-48 ネットワークガイド
802.1X Specifications
Configuring 802.1X
page 37-2
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
802.1X Specifications
802.1X Defaults
command and the
relevant command keywords:
Note. By default, accounting is disabled for 802.1X authentication sessions.
RFCs Supported
RFC 2284–PPP Extensible Authentication Protocol (EAP)
RFC 2865–Remote Authentication Dial In User Service
RFC 2865–Remote Authentication Dial In User Service
(RADIUS)
RFC 2866–RADIUS Accounting
RFC 2867–RADIUS Accounting Modifications for Tun-
RFC 2867–RADIUS Accounting Modifications for Tun-
nel Protocol Support
RFC 2868–RADIUS Attributes for Tunnel Protocol Sup-
port
RFC 2869–RADIUS Extensions
IEEE Standards Supported
IEEE 802.1X-2001–Standard for Port-based Network
Access Control
802.1X RADIUS Usage Guidelines
Platforms Supported
OmniSwitch 6400, 6800, 6850, 6855, and 9000
Description
Keyword
Default
Port control in both directions or incoming only. direction {both | in}
both
Port control authorized on the port.
port control {force-authorized |
force-unauthorized | auto}
force-unauthorized | auto}
auto
The time during which the port will not accept
an 802.1X authentication attempt.
an 802.1X authentication attempt.
quiet-period
60 seconds
The time before an EAP Request Identity will
be re-transmitted.
be re-transmitted.
tx-period
30 seconds
Number of seconds before the switch will
time out an 802.1X user who is attempting
to authenticate.
time out an 802.1X user who is attempting
to authenticate.
supp-timeout
30 seconds
Number of times to poll a device for EAP
frames to determine whether or not the
device is an 802.1x client.
frames to determine whether or not the
device is an 802.1x client.
supp-polling retry
2
Maximum number of times the switch will
retransmit an authentication request before it
times out.
retransmit an authentication request before it
times out.
max-req
2
Amount of time that must expire before a
re-authentication attempt is made.
re-authentication attempt is made.
re-authperiod
3600 seconds
Whether or not the port is
re-authenticated.
re-authenticated.
no reauthentication |
reauthentication
reauthentication
no reauthentication