Setting the 802.1X authentication timeout timers
The network device uses the following 802.1X authentication timeout timers:
Client timeout timer—Starts when the access device sends an EAP-Request/MD5-Challenge packet to a client. If no response is received when this timer expires, the access device retransmits the request to the client.
Server timeout timer—Starts when the access device sends a RADIUS Access-Request packet to the authentication server. If no response is received when this timer expires, the access device retransmits the request to the server.
In most cases, the default settings are sufficient. You can edit the timers, depending on the network conditions.
In a low-speed network, increase the client timeout timer.
In a network with authentication servers of different performance, adjust the server timeout timer.
To set the 802.1X authentication timeout timers:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Set the client timeout timer. | dot1x timer supp-timeout supp-timeout-value | The default is 30 seconds. |
3. Set the server timeout timer. | dot1x timer server-timeout server-timeout-value | The default is 100 seconds. |