configure netlogin dot1x timers

configure netlogin dot1x timers [{server-timeout server_timeout} {quiet-period quiet_period} {reauth-period reauth_period {reauth-max max_num_reauths}} {supp-resp-timeout supp_resp_timeout}]

Description

Configures the 802.1X timers for network login.

Syntax Description

server-timeout Specifies the timeout period for a response from the RADIUS (Remote Authentication Dial In User Service) server. The range is 1 to 120 seconds.
quiet-period Specifies the time for which the switch will not attempt to communicate with the supplicant after authentication has failed. The range is 0 to 65535 seconds.
reauth-period Specifies time after which the switch will attempt to re-authenticate an authenticated supplicant. The range is 0 to 86,400 seconds.
reauth-max Specifies the maximum reauthentication counter value. The range is 1 to 10.
supp-resp-timeout Specifies the time for which the switch will wait for a response from the supplicant. The range is 1 to 120 seconds.

Default

The defaults are as follows:
  • server-timeout—30 seconds.

  • quiet-period—60 seconds.

  • reauth-period—3600 seconds.

  • reauth-max—3.

  • supp-resp-timeout—30 seconds.

Usage Guidelines

To disable re-authentication, specify 0 for the reauth-period parameter. (If reauth-period is set to 0, reauth-max value doesn't apply.)

If you attempt to configure a timer value that is out of range (not supported), the switch displays an error message. The following is a list of sample error messages:
  • server-timeout—ERROR: RADIUS server response timeout out of range (1..120 sec)

  • quiet-period—%% Invalid number detected at '^' marker. %% Input number must be in the range [0, 65535].

  • reauth-period—%% Invalid input detected at '^' marker. %% Input number must be in the range [0, 86400].

  • reauth-max—ERROR: Re-authentication counter value out of range (1..10)

  • supp-resp-timeout—ERROR: Input number must be in the range [1, 10].

To display the 802.1X timer settings, use the show netlogin command with and without the dot1x option.

Example

The following command changes the 802.1X server-timeout to 10 seconds:

configure netlogin dot1x timers server-timeout 10

History

This command was first available in ExtremeXOS 11.1.

The reauth-max keyword was added in ExtremeXOS 12.1.

Platform Availability

This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X620, X690, X870 series switches.