Configuring periodic re-authentication, Configuring periodic re-authentication” section on – Dell POWEREDGE M1000E User Manual

10-43

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide

OL-13270-03

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring IEEE 802.1x Authentication

This example shows how to enable MDA and to allow both a host and a voice device on the port:

Switch(config)# interface gigabitethernet3/0/1

Switch(config-if)# dot1x port-control auto

Switch(config-if)# dot1x host-mode multi-domain

Switch(config-if)# switchport voice vlan 101

Switch(config-if)# end

Configuring Periodic Re-Authentication

You can enable periodic IEEE 802.1x client re-authentication and specify how often it occurs. If you do
not specify a time period before enabling re-authentication, the number of seconds between attempts is
3600.

Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts. This procedure is optional.

Command

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface interface-id

Specify the port to be configured, and enter interface configuration mode.

Step 3

authentication periodic

or

dot1x reauthentication

Enable periodic re-authentication of the client, which is disabled by
default.

Step 4

authentication timer {{[inactivity |
reauthenticate] [server | am]} {restart
value}}

or

dot1x timeout reauth-period {seconds |
server}

Set the number of seconds between re-authentication attempts.

The authentication timer keywords have these meanings:

•

inactivity—Interval in seconds after which if there is no activity from
the client then it is unauthorized

•

reauthenticate—Time in seconds after which an automatic
re-authentication attempt is be initiated

•

server am—Interval in seconds after which an attempt is made to
authenticate an unauthorized port

•

restart value—Interval in seconds after which an attempt is made to
authenticate an unauthorized port

The dot1x timeout reauth-period keywords have these meanings:

•

seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.

•

server—Sets the number of seconds based on the value of the
Session-Timeout RADIUS attribute (Attribute[27]) and the
Termination-Action RADIUS attribute (Attribute [29]).

This command affects the behavior of the switch only if periodic
re-authentication is enabled.

Step 5

end

Return to privileged EXEC mode.