Setting the 802.1X authentication timeout timers
The network device uses the following 802.1X authentication timeout timers:
Client timeout timer—Starts when the access device sends an EAP-Request/MD5 Challenge packet to a client. If no response is received when this timer expires, the access device retransmits the request to the client.
Server timeout timer—Starts when the access device sends a RADIUS Access-Request packet to the authentication server. If no response is received when this timer expires, the access device retransmits the request to the server.
You can set the client timeout timer to a high value in a low-performance network and adjust the server timeout timer to adapt to the performance of different authentication servers. In most cases, the default settings are sufficient.
To set the 802.1X authentication timeout timers:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Set the client timeout timer. | dot1x timer supp-timeout supp-timeout-value | The default is 30 seconds. |
3. Set the server timeout timer. | dot1x timer server-timeout server-timeout-value | The default is 100 seconds. |