Specifications

Managing 802.1X Client Reauthentication

19-6 Managing 802.1X on the RoamAbout Switch

Setting the Maximum Number of 802.1X Reauthentication Attempts

Thefollowingcommandsetsthenumberofreauthenticationattempt sthattheRASmakesbefore

thesupplicant(client)becomesunauthorized:

set dot1x reauth-max number-of-attempts

Thedefaultnumberofreauthenticationattemptsis2.Youcanspecifyfrom1to10attempts.

Examples

Typethefollowingcommandtosetthenumberofauthenticationattemptsto8:

RBT-8100# set dot1x reauth-max 8

success: dot1x max reauth set to 8.

Typethefollowingcommandtoresetthemaximumnumberofreauthorizationattemptstothe

default:

RBT-8100# clear dot1x reauth-max

success: change accepted.

Setting the 802.1X Reauthentication Period

ThefollowingcommandconfiguresthenumberofsecondsthattheRASwaitsbeforeattempt ing

reauthentication:

set dot1x reauth-period seconds

Thedefaultis3600 seconds(1 hour).Therangeisfrom60 to1 ,64 1,600 seconds (19 days).This

valuecanbeoverriddenbyuserauthorizationparameters.

MSSreauthenticatesdynamicWEPclientsbasedonthereauthenticationtimer.MSSalso

reauthenticatesWPAclientsiftheclientsusetheWEP‐40orWEP‐104cipher.Foreachdynamic

WEP

clientorWPAclientusingaWEPcipher,thereauthenticationtimerissettothelesserofthe

globalsettingorthevaluereturnedbytheAAAserverwith therestoftheauthorizationattributes

forthatclient.

Examples

Typethefollowingcommandtosetthenumberofsecondsto100beforereauthenticationis

attempted:

RBT-8100# set dot1x reauth-period 100

success: dot1x auth-server timeout set to 100.

Note: If the number of reauthentications for a wired authentication client is greater than the

maximum number of reauthentications allowed, MSS sends an EAP failure packet to the client and

removes the client from the network. However, MSS does not remove a wireless client from the

network under these circumstances.