The NEAP client re-authentication feature supports the re-authentication of NEAP clients at defined intervals.
When you enable NEAP client re-authentication, an authenticated NEAP client is only removed from the authenticated client list if you remove the client account from the RADIUS server, or if you clear the NEAP authenticated client from the switch.
If an authenticated NEAP client does not generate traffic on the network, the system removes the MAC address for that client from the MAC address table when MAC ages out. Although the client MAC address does not appear in the MAC Address table, the client can appear as an authenticated client.
If you enable NEAP client re-authentication and the RADIUS server that the switch connects to becomes unavailable, the system clears all authenticated NEAP and removes those clients from the switch NEAP client list.
You cannot authenticate one NEAP client on more than one switch port simultaneously. If you connect NEAP clients to a switch port through a hub, those clients are authenticated on that switch port. If you disconnect a NEAP client from the hub and connect it directly to another switch port, the client is authenticated on the new port and its authentication is removed from the port to which the hub is connected.