Reference Guide
802.1X | 91
To configure a maximum number of Request Identity re-transmissions:
The example in Configuring a Quiet Period after a Failed Authentication shows configuration information
for a port for which the authenticator re-transmits an EAP Request Identity frame after 90 seconds and
re-transmits a maximum of 10 times.
Configuring a Quiet Period after a Failed Authentication
If the supplicant fails the authentication process, the authenticator sends another Request Identity frame
after 30 seconds by default, but this period can be configured.
To configure the quiet period after a failed authentication:
The example below shows configuration information for a port for which the authenticator re-transmits an
EAP Request Identity frame:
• after 90 seconds and a maximum of 10 times for an unresponsive supplicant
• Re-transmits an EAP Request Identity frame
FTOS(conf-if-range-Te-0/0)#dot1x tx-period 90
FTOS(conf-if-range-Te-0/0)#dot1x max-eap-req 10
FTOS(conf-if-range-Te-0/0)#dot1x quiet-period 120
FTOS#show dot1x interface TenGigabitEthernet 2/1
802.1x information on Te 2/1:
-----------------------------
Dot1x Status: Enable
Port Control: AUTO
Port Auth Status: UNAUTHORIZED
Re-Authentication: Disable
Untagged VLAN id: None
Tx Period: 90 seconds
Quiet Period: 120 seconds
ReAuth Max: 2
Supplicant Timeout: 30 seconds
Server Timeout: 30 seconds
Step Task Command Syntax Command Mode
1 Configure a maximum number of times that a Request
Identity frame can be re-transmitted by the
authenticator.
dot1x max-eap-req number
Range: 1- 10
Default: 2
INTERFACE
Note: The quiet period (dot1x quiet-period) is an transmit interval for after a failed authentication where as
the Request Identity Re-transmit interval (dot1x tx-period) is for an unresponsive supplicant.
Step Task Command Syntax Command Mode
1 Configure the amount of time that the authenticator
waits to re-transmit a Request Identity frame after a
failed authentication.
dot1x quiet-period seconds
Range: 1- 65535
Default: 60
INTERFACE