Switch 7700 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch Gigabit-LX Module

191

192

193

194

195

196

197

198

199

200

IEEE 802.1x 183

By default, the quiet-period-value is 60 seconds, the tx-period-value is 30 seconds,

the supp-timeout-value is 30 seconds, the server-timeout-value is 100 seconds.

Enabling/Disabling Quiet-Period Timer

You can use the following commands to enable/disable a quiet-period timer of the

Switch 7700. If an 802.1x user has not passed authentication, the Authenticator

will keep quiet (specified by quiet-period) before launching the authentication

again. During the quiet period, the Authenticator does not do anything related to

802.1x authentication.

Perform the following configuration in system view.

Displaying and

Debugging 802.1x

After the above configuration, execute the display command in all views to

display the VLAN configuration, and to verify configuration. Execute the reset

command in user view to reset 802.1x statistics information. Execute the

debugging command in user view to debug the 802.1x module.

Example: 802.1x

Configuration

As shown in the following figure, the workstation is connected to the 1/0/2 of the

Switch 7700.

The switch administrator will enable 802.1x on all the ports to authenticate the

supplicants to control their access to the Internet. The access control mode is

based on the MAC address.

All the supplicants belong to the default domain 3com163.net, which can contain

up to 30 users. RADIUS authentication is performed first. If there is no response

from the RADIUS server, local authentication will be performed. For accounting, if

the RADIUS server fails to account, the user will be disconnected. In addition,

when the user is connected, the domain name does not follow the user name.

Normally, if the user’s traffic is less than 2kbps consistently over 20 minutes, he will

be disconnected.

Tabl e 10 Enable/Disable a Quiet-Period Timer

Operation Command

Enable a quiet-period timer. dot1x quiet-period

Disable a quiet-period timer undo dot1x quiet-period

Tabl e 11 Display and Debug 802.1x

Operation Command

Display the configuration,

running and statistics

information of 802.1x

display dot1x [interface-list] | [session | statistics]

{interface interface-list}

Reset the 802.1x statistics

information

reset dot1x statistics [interface interface-list]

Enable the

error/event/packet/all

debugging of 802.1x

debugging dot1x {error | event | packet | all}

Disable the

error/event/packet/all

debugging of 802.1x.

undo debugging dot1x {error | event | packet | all}