< Home

Configuring the Quiet Function

Context

If a user frequently fails 802.1X authentication within a short period, system performance will be affected, and brute force attacks on the user name and password may occur.

After the quiet function is enabled, if the number of times that a user fails to be authenticated within 60s exceeds the upper limit, the device discards the user's authentication request packets for a period to avoid frequent authentication failures.

When the number of quiet entries reaches the maximum number, the device does not allow new users who are not in the quiet table to access the network.

Procedure

  • Configure the quiet function for 802.1X authentication users.

    1. Run system-view

      The system view is displayed.

    2. Run dot1x quiet-period

      The quiet function is enabled for 802.1X authentication users.

      By default, the quiet function is enabled for 802.1X authentication users.

    3. (Optional) Run dot1x quiet-times fail-times

      The maximum number of authentication failures within 60 seconds before the device quiets an 802.1X authentication user is configured.

      By default, the maximum number of authentication failures is 10.

    4. (Optional) Run dot1x timer quiet-period quiet-period-value

      The quiet period is configured for 802.1X authentication users who fail to be authenticated.

      By default, the quiet period is 60 seconds for 802.1X authentication users who fail to be authenticated.

Parent Topic: (Optional) Configuring 802.1X Extended Functions
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic