3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

211

212

213

214

215

216

217

218

219

220

220 CHAPTER 28: CENTRALIZED MAC ADDRESS AUTHENTICATION CONFIGURATION

Configuring the Timers

Used in Centralized MAC

Address Authentication

The following timers are used in centralized MAC address authentication:

■ Offline detect timer, which sets the time interval for a switch to test whether a

user goes offline. Upon detecting a user is offline, a switch notifies the RADIUS

server of the user to trigger the RADIUS server to stop the accounting on the

user.

■ Quiet timer, which sets the quiet period for a switch. After a user fails to pass

the authentication performed by a switch, the switch quiets for a specific

period (the quiet period) before it authenticates users again.

■ Server timeout timer. During authentication, the switch prohibits the user from

accessing the network through the corresponding port if the connection

between the switch and RADIUS server times out. In this case, the user can

have it authenticated through another port of the switch.

■ Reauth-period timer. After a user pass the MAC address authentication, the

switch will periodically request the server for re-authentication. The period is

determined by the Reauth-period server.

Table 150 lists the operations to configure the timers used in centralized MAC

address authentication.

Configuring Centralized

MAC Address

Re-Authentication

Re-authentication function enables a switch to re-authenticate a user’s identity or

change his authentication information when necessary if the user adopts the MAC

address authentication to access the network.

Tabl e 150 Configure the timers used in centralized MAC address authentication

Operation Command Description

Enter system view system-view -

Configure a timer used in

centralized MAC address

authentication

mac-authentication timer {

offline-detect

offline-detect-value | quiet

quiet-value | server-timeout

server-timeout-value |

reauth-period

reauth-period-value }

Optional

The default settings of the

timers used in centralized

MAC address authentication

are as follows:

■ Offline detect timer: 300

seconds

■ Quiet timer: 60 seconds

■ Server timeout timer: 100

seconds

■ Reauth-period timer: 1800

seconds

Tabl e 151 Configure the centralized MAC address re-authentication function

Operation Command Description

Enter system view system-view -

Enable the MAC address

re-authentication function

globally

mac-authentication

re-authenticate enable

Required

By default, MAC address

re-authentication function is

disabled.

Enable to re-authenticate the

specified MAC address

mac-authentication

re-authenticate

mac-address mac-address

Required