Configuring periodic re-authentication – Brocade BigIron RX Series Configuration Guide User Manual

Page 1138

Advertising
background image

1060

BigIron RX Series Configuration Guide

53-1002484-04

Configuring 802.1x port security

34

When an interface’s control type is set to auto, its controlled port is initially set to unauthorized, but
is changed to authorized when the connecting Client is successfully authenticated by an
Authentication Server.

The port control type can be one of the following.

force-authorized – The port’s controlled port is placed unconditionally in the authorized state,
allowing all traffic. This is the default state for ports on the BigIron RX. Also, this parameter allows
connection from multiple Clients.

force-unauthorized – The controlled port is placed unconditionally in the unauthorized state.

auto – The controlled port is unauthorized until authentication takes place between the Client and
Authentication Server. Once the Client passes authentication, the port becomes authorized. This
has the effect of activating authentication on an 802.1x-enabled interface.

NOTE: You cannot enable 802.1x port security on ports that have any of the following features
enabled:

10 Gbps ports

Static MAC configurations

Link aggregation

Metro Ring Protocol (MRP)

Tagged port

Mirror port

Trunk port

MAC port security

Management Port

VE members

Configuring periodic re-authentication

You can configure the device to periodically re-authenticate Clients connected to 802.1x-enabled
interfaces. When you enable periodic re-authentication, the device re-authenticates Clients every
3,600 seconds by default. You can optionally specify a different re-authentication interval of
between 1 – 4294967295 seconds.

To configure periodic re-authentication using the default interval of 3,600 seconds, enter the
following command.

BigIron RX(config)#dot1x-enable

BigIron RX(config-dot1x)# re-authentication

Syntax: [no] re-authentication

To configure periodic re-authentication with an interval of 2,000 seconds, enter the following
commands.

BigIron RX(config)#dot1x-enable

BigIron RX(config-dot1x)# re-authentication

BigIron RX(config-dot1x)# timeout re-authperiod 2000

Syntax: [no] timeout re-authperiod <seconds>

Advertising
Popular Brands
Popular manuals