17
STEP 4
337
•
Resending EAP—Enter the number of seconds that the device waits for a
response to an Extensible Authentication Protocol (EAP) request/identity
frame from the supplicant (client) before resending the request.
•
Max EAP Requests—Enter the maximum number of EAP requests that can
be sent. If a response is not received after the defined period (supplicant
timeout), the authentication process is restarted.
•
Supplicant Timeout—Enter the number of seconds that lapses before EAP
requests are resent to the supplicant.
•
Server Timeout—Enter the number of seconds that lapses before the
device resends a request to the authentication server.
•
Termination Cause—Displays the reason for which port authentication was
terminated, if applicable.
Click Apply. The port settings are written to the Running Configuration file.
Defining Host and Session Authentication
The Host and Session Authentication page enables defining the mode in which
802. 1 X operates on the port and the action to perform if a violation has been
detected.
The 802. 1 X modes are:
•
Single—Only a single authorized host can access the port. (Port Security
cannot be enabled on a port in single-host mode.)
•
Multiple Host (802. 1 X)—Multiple hosts can be attached to a single 802. 1 X-
enabled port. Only the first host must be authorized, and then the port is
open for all who want to access the network. If the host authentication fails,
or an EAPOL-logoff message is received, all attached clients are denied
access to the network.
•
Multiple Sessions—Enables the number of specific authorized hosts to
access the port. Each host is treated as if it were the first and only user and
must be authenticated. Filtering is based on the source MAC address.
Cisco Small Business 300 Series Managed Switch Administration Guide
Security
Configuring 802. 1 X