Cisco Systems 3560 사용자 설명서

These section has configuration guidelines for these features:

These are the 802.1x authentication configuration guidelines:

When 802.1x authentication is enabled, ports are authenticated before any other Layer 2 or Layer 3 
features are enabled.

If you try to change the mode of an 802.1x-enabled port (for example, from access to trunk), an error 
message appears, and the port mode is not changed.

If the VLAN to which an 802.1x-enabled port is assigned changes, this change is transparent and 
does not affect the switch. For example, this change occurs if a port is assigned to a RADIUS 
server-assigned VLAN and is then assigned to a different VLAN after re-authentication.

If the VLAN to which an 802.1x port is assigned to shut down, disabled, or removed, the port 
becomes unauthorized. For example, the port is unauthorized after the access VLAN to which a port 
is assigned shuts down or is removed.

Maximum retransmission number

2 times (number of times that the switch will send an EAP-request/identity 
frame before restarting the authentication process).

Client timeout period 

30 seconds (when relaying a request from the authentication server to the 
client, the amount of time the switch waits for a response before resending the 
request to the client.)

Authentication server timeout period 

30 seconds (when relaying a response from the client to the authentication 
server, the amount of time the switch waits for a reply before resending the 
response to the server.)

You can change this timeout period by using the authentication timer server 
or dot1x timeout server-timeout interface configuration command.

Inactivity timeout

Disabled.

Guest VLAN

None specified.

Inaccessible authentication bypass

Disabled.

Restricted VLAN

None specified.

Authenticator (switch) mode

None specified.

MAC authentication bypass

Disabled.

Voice-aware security

Disabled