7-11
Catalyst 3550 Multilayer Switch Software Configuration Guide
78-11194-03
Chapter 7 Configuring 802.1X Port-Based Authentication
Configuring 802.1X Authentication
Manually Re-Authenticating a Client Connected to a Port
You can manually re-authenticate the client connected to a specific port at any time by entering the dot1x
re-authenticate interface interface-id privileged EXEC command. If you want to enable or disable
periodic re-authentication, see the
“Enabling Periodic Re-Authentication” section on page 7-10
.
This example shows how to manually re-authenticate the client connected to Fast Ethernet port 0/1:
Switch# dot1x re-authenticate interface fastethernet0/1
Starting reauthentication on FastEthernet0/1
Changing the Quiet Period
When the switch cannot authenticate the client, the switch remains idle for a set period of time, and then
tries again. The idle time is determined by the quiet-period value. A failed authentication of the client
might occur because the client provided an invalid password. You can provide a faster response time to
the user by entering a smaller number than the default.
Beginning in privileged EXEC mode, follow these steps to change the quiet period:
To return to the default quiet time, use the no dot1x timeout quiet-period global configuration
command.
This example shows how to set the quiet time on the switch to 30 seconds:
Switch(config)# dot1x timeout quiet-period 30
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
dot1x timeout quiet-period seconds
Set the number of seconds that the switch remains in the quiet state
following a failed authentication exchange with the client.
The range is 0 to 65535 seconds; the default is 60.
Step 3
end
Return to privileged EXEC mode.
Step 4
show dot1x
Verify your entries.
Step 5
copy running-config startup-config
(Optional) Save your entries in the configuration file.