Configuration Guide User guide
FastIron Configuration Guide 1813
53-1002494-02
802.1X port security configuration
Setting the wait interval for EAP frame retransmissions
By default, if the Brocade device does not receive an EAP-response/identity frame from a Client,
the device waits 30 seconds, then retransmits the EAP-request/identity frame. You can optionally
change the amount of time the Brocade device waits before retransmitting the
EAP-request/identity frame to the Client.
For example, to cause the Brocade device to wait 60 seconds before retransmitting an
EAP-request/identity frame to a Client, enter the following command.
Brocade(config-dot1x)#timeout tx-period 60
If the Client does not send back an EAP-response/identity frame within 60 seconds, the device will
transmit another EAP-request/identity frame.
Syntax: [no] timeout tx-period <seconds>
where <seconds> is a value from 1 – 4294967295. The default is 30 seconds.
Setting the maximum number of EAP frame retransmissions
The Brocade device retransmits the EAP-request/identity frame a maximum of two times. If no
EAP-response/identity frame is received from the Client after two EAP-request/identity frame
retransmissions (or the amount of time specified with the auth-max command), the device restarts
the authentication process with the Client.
You can optionally change the number of times the Brocade device should retransmit the
EAP-request/identity frame. You can specify between 1 – 10 frame retransmissions. For example,
to configure the device to retransmit an EAP-request/identity frame to a Client a maximum of three
times, enter the following command:
Brocade(config-dot1x)#auth-max 3
Syntax: auth-max <value>
<value> is a number from 1 – 10. The default is 2.
Wait interval and number of EAP-request/
identity frame retransmissions from the RADIUS server
Acting as an intermediary between the RADIUS Authentication Server and the Client, the Brocade
device receives RADIUS messages from the RADIUS server, encapsulates them as EAPOL frames,
and sends them to the Client. By default, when the Brocade device relays an EAP-Request frame
from the RADIUS server to the Client, it expects to receive a response from the Client within 30
seconds. If the Client does not respond within the allotted time, the device retransmits the
EAP-Request frame to the Client. Also by default, the Brocade device retransmits the EAP-request
frame twice. If no EAP-response frame is received from the Client after two EAP-request frame
retransmissions, the device restarts the authentication process with the Client.
You can optionally configure the amount of time the device will wait before retransmitting an
EAP-request/identity frame, and the number of times the EAP-request/identity frame will be
transmitted. This section provides the command syntax for these features.