Users Guide
To congure re-authentication time settings, use the following commands:
• Congure the authenticator to periodically re-authenticate the supplicant.
INTERFACE mode
dot1x reauthentication [interval] seconds
The range is from 1 to 31536000.
The default is 3600.
• Congure the maximum number of times the supplicant can be re-authenticated.
INTERFACE mode
dot1x reauth-max number
The range is from 1 to 10.
The default is 2.
Example of Re-Authenticating a Port and Verifying the Conguration
The bold lines show that re-authentication is enabled and the new maximum and re-authentication time period.
Dell(conf-if-Te-1/1/1/1)#dot1x reauthentication interval 7200
Dell(conf-if-Te-1/1/1/1)#dot1x reauth-max 10
Dell(conf-if-Te-1/1/1/1)#do show dot1x interface TenGigabitEthernet 1/1/1/1
802.1x information on Te 1/1/1/1:
-----------------------------
Dot1x Status: Enable
Port Control: FORCE_AUTHORIZED
Port Auth Status: UNAUTHORIZED
Re-Authentication: Enable
Untagged VLAN id: None
Tx Period: 90 seconds
Quiet Period: 120 seconds
ReAuth Max: 10
Supplicant Timeout: 30 seconds
Server Timeout: 30 seconds
Re-Auth Interval: 7200 seconds
Max-EAP-Req: 10
Auth Type: SINGLE_HOST
Auth PAE State: Initialize
Backend State: Initialize
Auth PAE State: Initialize
Backend State: Initialize
Conguring Dynamic VLAN Assignment with Port
Authentication
Dell Networking OS supports dynamic VLAN assignment when using 802.1X.
The basis for VLAN assignment is RADIUS attribute 81, Tunnel-Private-Group-ID. Dynamic VLAN assignment uses the standard dot1x
procedure:
1 The host sends a dot1x packet to the Dell Networking system
2 The system forwards a RADIUS REQEST packet containing the host MAC address and ingress port number
3 The RADIUS server authenticates the request and returns a RADIUS ACCEPT message with the VLAN assignment using Tunnel-
Private-Group-ID
The illustration shows the conguration on the Dell Networking system before connecting the end user device in black and blue text, and
after connecting the device in red text. The blue text corresponds to the preceding numbered steps on dynamic VLAN assignment with
802.1X.
802.1X
89