HP MSR2000/3000/4000 Router Series Security Command Reference
94
Views
Layer 2 Ethernet interface view
Predefined user roles
network-admin
Usage guidelines
Periodic re-authentication enables the access device to periodically authenticate online 802.1X users on
a port. This function tracks the connection status of online users and updates the authorization attributes
assigned by the server, such as the ACL, VLAN, and user profile.
You can use the dot1x timer reauth-period command to configure the interval for re-authentication.
Examples
# Enable the 802.1X periodic online user re-authentication function on Ethernet 1/1 and set the periodic
re-authentication interval to 1800 seconds.
<Sysname> system-view
[Sysname] dot1x timer reauth-period 1800
[Sysname] interface ethernet 1/1
[Sysname-Ethernet1/1] dot1x re-authenticate
Related commands
• display dot1x
• dot1x timer
dot1x retry
Use dot1x retry to set the maximum number of attempts for sending an authentication request to a client.
Use undo dot1x retry to restore the default.
Syntax
dot1x retry max-retry-value
undo dot1x retry
Default
The maximum number of attempts that the device can send an authentication request to a client is two.
Views
System view
Predefined user roles
network-admin
Parameters
max-retry-value: Specifies the maximum number of attempts for sending an authentication request to a
client. The value range is 1 to 10.
Usage guidelines
After the network access device sends an authentication request to a client, if the device receives no
response from the client within the username request timeout timer (set with the dot1x timer tx-period
tx-period-value command for the EAP-Request/Identity packet) or the client timeout timer (set with the