Specifications
Security Options 87
Chapter 5
The equivalent CLI configuration for the example above is:
aaa dot1x default-role "employee"
aaa dot1x mode enable
dot1x server server-timeout 30
dot1x timeout idrequest-period 30
dot1x timeout quiet-period 30
dot1x max-req 3
dot1x server server-retry 2
dot1x re-authentication
dot1x timeout reauthperiod 3600
dot1x multicast-keyrotation
dot1x timeout mcastkey-rotation-period 1200
dot1x unicast-keyrotation
dot1x timeout ucastkey-rotation-period 240
aaa dot1x max-authentication-failures 0
802.1x Authentication Server
802.1x authentication requires the use of an authentication server that
supports the same EAP type as that used by the client. 802.1x authentication
servers may be configured below the 802.1x configuration screen, as shown
in the figure below.
FIGURE 5-19 802.1x Authentication Server
To add an authentication server, click the “Add” button. One or more servers
may be added to the list. To change the order in which servers are used by the
system, click the up or down arrows next to the appropriate server name.
The equivalent CLI command to add the server shown above is:
aaa dot1x auth-server test