21-45
Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4
78-13315-02
Chapter 21 Configuring Switch Access Using AAA
Configuring Authentication
Setting theBack-End Authenticator-to-Authentication-Server Retransmission Time for Transport
Layer Packets
The authentication server notifies the back-end authenticator each time it receives a transport layer
packet. When the back-end authenticator does
not
receive a notification after sending a packet, the
back-end authenticator waits a set period of time, and then retransmits the packet. You may set the
amount of time that the back-end authenticator waits for notification from 1 to 65535 seconds. (The
default is 30 seconds.)
To set the value for the retransmission of transport layer packets from the back-end authenticator to the
authentication server, perform this task in privileged mode:
This example shows how to set the value for the retransmission time for transport layer packets sent from
the back-end authenticator to the authentication server to 15 seconds:
Console> (enable)
set dot1x server-timeout 15
dot1x server-timeout set to 15 seconds.
Setting the Back-End Authenticator-to-Supplicant Frame-Retransmission Number
The authentication server notifies the back-end authenticator each time it receives a specific number of
frames. When the back-end authenticator does not receive this notification after sending the frames, the
back-end authenticator waits a set period of time, and then retransmits the frames. You may set the
number of frames that the back-end authenticator retransmits from 1 to 10 (the default is 2).
To set the number of frames retransmitted from the back-end authenticator to the supplicant, perform
this task in privileged mode:
This example shows how to set the number of retransmitted frames sent from the back-end authenticator
to the supplicant to 4:
Console> (enable)
set dot1x max-req 4
dot1x max-req set to 4.
Resetting the 802.1x Configuration Parameters to the Default Values
You can reset the 802.1x configuration parameters to the default values with a single command, which
also globally disables 802.1x.
Task
Command
Set the back-end authenticator-to-authentication-server
retransmission time for transport layer packets.
set dot1x server-timeout
seconds
Task
Command
Set the back-end authenticator-to-supplicant
frame retransmission number.
set dot1x max-req
count