Context
The device starts the
tx-period timer (specifying the interval for sending 802.1X authentication requests) in either of the following situations:
- When a client initiates authentication, the device sends a unicast Request/Identity packet to the client and starts the tx-period timer. If the client does not respond within the period set by the timer, the device retransmits the authentication request.
- To authenticate the 802.1X clients that cannot initiate authentication, the device periodically sends multicast Request/Identity packets through the 802.1X-enabled interface to the clients at the interval set by the tx-period timer.
If a request packet has been sent for the maximum number of times (configured using the dot1x retry max-retry-value command) and no response is received from the client, the device stops sending the request packet.Generally, if the client fails to be authenticated, the device starts a backup mechanism (Portal authentication or granting specified access permission), so that the client can continue to access the network. If MAC address bypass authentication is disabled, the value of the timeout timer for EAP-Request/Identity packets is calculated as follows:
Timerout = (max-retry-value + 1) x tx-period-value