Operation Manual – 802.1x and System Guard
H3C S3100-52P Ethernet switch
Chapter 1 802.1x Configuration
1-14
to the user. To connect to the switch again, the user needs to initiate 802.1x
authentication with the client software again.
Note:
z
When re-authenticating a user, a switch goes through the complete authentication
process. It transmits the username and password of the user to the server. The
server may authenticate the username and password, or, however, use
re-authentication for only accounting and user connection status checking and
therefore does not authenticate the username and password any more.
z
An authentication server running CAMS authenticates the username and password
during re-authentication of a user in the EAP authentication mode but does not in
PAP or CHAP authentication mode.
PC
Internet
PC
PC
RADIUS
Server
Switch
Figure 1-10
802.1x re-authentication
802.1x re-authentication can be enabled in one of the following two ways:
z
The RADIUS server has the switch perform 802.1x re-authentication of users. The
RADIUS server sends the switch an Access-Accept packet with the
Termination-Action attribute field of 1. Upon receiving the packet, the switch
re-authenticates the user periodically.
z
You enable 802.1x re-authentication on the switch. With 802.1x re-authentication
enabled, the switch re-authenticates users periodically.