z
Re-authentication timer (
reauth-period
). The switch initiates 802.1x re-authentication at the
interval set by the re-authentication timer.
z
RADIUS server timer (
server-timeout
). This timer sets the server-timeout period. After sending an
authentication request packet to the RADIUS server, the switch sends another authentication
request packet if it does not receive the response from the RADIUS server when this timer times
out.
z
Supplicant system timer (
supp-timeout
). This timer sets the supp-timeout period and is triggered
by the switch after the switch sends a request/challenge packet to a supplicant system. The switch
sends another request/challenge packet to the supplicant system if the switch does not receive the
response from the supplicant system when this timer times out.
z
Transmission timer (
tx-period
). This timer sets the tx-period and is triggered by the switch in two
cases. The first case is when the client requests for authentication. The switch sends a unicast
request/identity packet to a supplicant system and then triggers the transmission timer. The switch
sends another request/identity packet to the supplicant system if it does not receive the reply
packet from the supplicant system when this timer times out. The second case is when the switch
authenticates the 802.1x client who cannot request for authentication actively. The switch sends
multicast request/identity packets periodically through the port enabled with 802.1x function. In this
case, this timer sets the interval to send the multicast request/identity packets.
z
Client version request timer (
ver-period
). This timer sets the version period and is triggered after a
switch sends a version request packet. The switch sends another version request packet if it does
receive version response packets from the supplicant system when the timer expires.
802.1x Implementation on a 3Com 4500 Series Switch
In addition to the earlier mentioned 802.1x features, a 3Com 4500 series switch is also capable of the
following:
z
Checking supplicant systems for proxies, multiple network adapters, and so on (This function
needs the cooperation of a CAMS server.)
z
Checking client version
z
The guest VLAN function
H3C's CAMS Server is a service management system used to manage networks and to secure
networks and user information. With the cooperation of other networking devices (such as switches) in
the network, a CAMS server can implement the AAA functions and rights management.
Checking the supplicant system
The switch checks:
z
Supplicant systems logging on through proxies
z
Supplicant systems logging on through IE proxies
z
Whether or not a supplicant system logs in through more than one network adapters (that is,
whether or not more than one network adapters are active in a supplicant system when the
supplicant system logs in).
28-9