Users Guide
Critical VLAN Enable
Critical VLAN id: 300
Re-Authentication: Disable
Untagged VLAN id: 400
Guest VLAN: Enable
Guest VLAN id: 100
Auth-Fail VLAN: Disable
Auth-Fail VLAN id: NONE
Auth-Fail Max-Attempts: NONE
Mac-Auth-Bypass: Enable
Mac-Auth-Bypass Only: Enable
Tx Period: 3 seconds
Quiet Period: 60 seconds
ReAuth Max: 2
Supplicant Timeout: 30 seconds
Server Timeout: 30 seconds
Re-Auth Interval: 3600 seconds
Max-EAP-Req: 2
Host Mode: SINGLE_HOST
Auth PAE State: Authenticated
Backend State: Idle
Configuring Request Identity Re-Transmissions
If the authenticator sends a Request Identity frame, but the supplicant does not respond, the
authenticator waits 30 seconds and then re-transmits the frame.
The amount of time that the authenticator waits before re-transmitting and the maximum number of
times that the authenticator re-transmits are configurable.
NOTE: There are several reasons why the supplicant might fail to respond; for example, the
supplicant might have been booting when the request arrived or there might be a physical layer
failure.
To configure re-transmissions, use the following commands.
• Configure the amount of time that the authenticator waits before re-transmitting an EAP Request
Identity frame.
INTERFACE mode
dot1x tx-period number
The range is from 1 to 65535 (1 year)
The default is 30.
• Configure a maximum number of times the authenticator re-transmits a Request Identity frame.
INTERFACE mode
dot1x max-eap-req number
The range is from 1 to 10.
The default is 2.
The example in Configuring a Quiet Period after a Failed Authentication shows configuration information
for a port for which the authenticator re-transmits an EAP Request Identity frame after 90 seconds and
re-transmits a maximum of 10 times.
100
802.1X