Product manual

o 'server-timeout' sets the period of time after which the
switch assumes that authentication has timed out
(default 30 seconds).
o 'max-requests' sets the number of authentication attempts
that must time out before authentication fails (default 3).
o 'logoff-period' sets the period of time of inactivity that
the switch considers an implicit logoff (default 300).
o 'reauth-period' sets the period of time after which connected
MAC addresses must be re-authenticated. When set to 0
the re-authentication is disabled (default 0).
o 'auth-vid' congures the VLAN to which to move a port
after successful authentication. RADIUS server can
override the value. Use 'no' form of the command to set
this PVID to 0. If the PVID is set to 0 no PVID changes
occur unless RADIUS server requests. Changes take effect
immediately. All clients must immediately re-authenticate.
The default is 0.
o 'unauth-vid' congures the VLAN to which to move a port
after failed authentication. Use 'no' form of the command
to set this PVID to 0. Changes take effect immediately.
The default is 0.
o 'reauthenticate' forces re-authentication
of all clients present on a port.
Next Available Options:
mac-list1 -- Manage MAC address based network authentication on the device port(s). ([ethernet]
PORT-LIST) (p. 38)
addr-format < no-delimiter | single-dash | multi-dash | ... > -- Set the MAC address format to
be used in the RADIUS request message (default no-delimiter).(p. 27)
mac-list1
[no] aaa port-access mac-based [ETHERNET] PORT-LIST
Manage MAC address based network authentication on the device port(s).
Next Available Options:
addr-limit < 1 to 32 > -- Set the port's maximum number of authenticated MAC addresses
(default 1). (NUMBER) (p. 27)
addr-moves -- Set whether the MAC can move between ports (default disabled - no moves).(p.
27)
logoff-period < 1 to 9999999 > -- Set the period of time of inactivity that the switch considers
an implicit logoff (default 300 seconds). (NUMBER) (p. 36)
quiet-period < 1 to 65535 > -- Set the period of time the switch does not try to authenticate
(default 60 seconds). (NUMBER) (p. 46)
server-timeout < 1 to 300 > -- Set the authentication server response timeout (default 30
seconds). (NUMBER) (p. 49)
max-requests < 1 to 10 > -- Set maximum number of times the switch retransmits authentication
requests (default 3). (NUMBER) (p. 39)
38© 2008 Hewlett-Packard Development Company, L.P.
aaaCommand Line Interface Reference Guide