Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch
919293949596979899100
Re-Authenticating a Port
You can configure the authenticator for periodic re-authentication.
After the supplicant has been authenticated, and the port has been authorized, you can configure the authenticator to re-
authenticate the supplicant periodically. If you enable re-authentication, the supplicant is required to re-authenticate every
3600 seconds, but you can configure this interval. You can configure a maximum number of re-authentications as well.
To configure re-authentication time settings, use the following commands.
Configure the authenticator to periodically re-authenticate the supplicant.
INTERFACE mode
dot1x reauthentication [interval] seconds
The range is from 1 to 31536000.
The default is 3600.
Configure the maximum number of times that the supplicant can be re-authenticated.
INTERFACE mode
dot1x reauth-max number
The range is from 1 to 10.
The default is 2.
Example of Re-Authenticating a Port and Verifying the Configuration
The bold lines show that re-authentication is enabled and the new maximum and re-authentication time period.
Dell(conf-if-Te-0/0)#dot1x reauthentication
Dell(conf-if-Te-0/0)#dot1x reauthentication interval 7200
Dell(conf-if-Te-0/0)#dot1x reauth-max 10
Dell(conf-if-Te-0/0)#do show dot1x interface TenGigabitEthernet 0/0
802.1x information on Te 0/0:
-----------------------------
Dot1x Status: Enable
Port Control: FORCE_AUTHORIZED
Port Auth Status: UNAUTHORIZED
Re-Authentication: Enable
Untagged VLAN id: None
Tx Period: 90 seconds
Quiet Period: 120 seconds
ReAuth Max: 10
Supplicant Timeout: 30 seconds
Server Timeout: 30 seconds
Re-Auth Interval: 7200 seconds
Max-EAP-Req: 10
Auth Type: SINGLE_HOST
Auth PAE State: Initialize
Backend State: Initialize
Auth PAE State: Initialize
Backend State: Initialize
Configuring Dynamic VLAN Assignment with Port
Authentication
On the switch, 802.1X authentication supports dynamic VLAN assignment.
The basis for VLAN assignment is RADIUS attribute 81, Tunnel-Private-Group-ID. Dynamic VLAN assignment uses the standard
dot1x procedure:
802.1X 94