Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual
Page 368
368
Rockwell Automation Publication 1783-UM006A-EN-P - May 2014
Chapter 12
Configuring Authentication Types
Configuring Authentication
Hold-off, Timeout, and
Interval
Beginning in privileged EXEC mode, follow these steps to configure hold-off
times, reauthentication periods, and authentication timeouts for client devices
authenticating through your access point:
1. Enter global configuration mode.
configure terminal
2. Enter the number of seconds a client device must wait before it can
reattempt to authenticate following a failed authentication.
dot11 holdoff-time seconds
The hold-off time is invoked when a client fails three login attempts or
fails to respond to three authentication requests from the access point.
Enter a value from 1…65555 seconds.
3. Enter the number of seconds the access point must wait for a client to reply
to an EAP/dot1x message before the authentication fails. Enter a value
from 1…120 seconds.
dot1x timeout supp-response seconds [local]
The RADIUS server can be configured to send a different timeout value
that overrides the one that is configured. Enter the
local
keyword to
configure the access point to ignore the RADIUS server value and use the
configured value.
The optional
no
keyword resets the timeout to its default state, 30
seconds.
4. Enter interface configuration mode for the radio interface.
interface dot11radio { 0 | 1 }
• The 2.4 GHz radio and the 2.4 GHz 802.11n radio is 0.
• The 5 GHz radio and the 5 GHz 802.11n radio is 1.
5. Enter the interval in seconds that the access point waits before forcing an
authenticated client to reauthenticate.
dot1x reauth-period { seconds | server }
Enter the server keyword to configure the access point to use the
reauthentication period specified by the authentication server. If you use
this option, configure your authentication server with RADIUS attribute
27, Session-Timeout.
This attribute sets the maximum number of seconds of service to be
provided to the client before termination of the session or prompt. The
server sends this attribute to the access point when a client device performs
EAP authentication.