Manualshelf

R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router
141142143144145146147148149150
128
Parameters
max-retry-value: Specifies the maximum number of attempts for sending an authentication request to a
client. The value range is 1 to 10.
Usage guidelines
After the network access device sends an authentication request to a client, if the device receives no
response from the client within the username request timeout timer (set with the dot1x timer tx-period
tx-period-value command for the EAP-Request/Identity packet) or the client timeout timer (set with the
dot1x timer supp-timeout supp-timeout-value command for the EAP-Request MD5 Challenge packet), the
device retransmits the authentication request. The network access device stops retransmitting the request,
if it has made the maximum number of request transmission attempts but still received no response.
Examples
# Set the maximum number of attempts for sending an authentication request to a client to 9.
<Sysname> system-view
[Sysname] dot1x retry 9
Related commands
display dot1x
dot1x timer
dot1x smarton
Use dot1x smarton to enable the SmartOn feature on a port.
Use undo dot1x smarton to disable the SmartOn feature on a port.
Syntax
dot1x smarton
undo dot1x smarton
Default
The SmartOn feature is disabled on a port.
Views
Ethernet interface view
Predefined user roles
network-admin
Usage guidelines
The SmartOn feature and the online user handshake function are mutually exclusive.
When a SmartOn-enabled port receives an EAPOL-Start packet from an 802.1X client, it sends a unicast
EAP-Request/Notification packet to the client. The client will respond with an EAP-Response/Notification
packet, which contains the SmartOn switch ID and the MD5 digest of the SmartOn password. If the
SmartOn switch ID and MD5 digest in the packet match the SmartOn switch ID and MD5 digest on the
device, the device continues to perform 802.1X authentication for the client. Otherwise, the device denies
the client's 802.1X authentication request.
Examples
# Enable the SmartOn feature on port GigabitEthernet 2/1/1.
<Sysname> system-view