Configuring 802.1x Port-Based Authentication
Enabling periodic re-authentication

Periodic 802.1x client re-authentication, as well as how often it occurs, can be configured . If a time period before enabling re-authentication is not specified, the number of seconds between re-authentication attempts is 3600.

Automatic 802.1x client re-authentication is a global setting and cannot be set for clients connected to individual ports.

Beginning in privileged EXEC mode, the following steps are used to enable periodic re-authentication of the client and to configure the number of seconds between re-authentication attempts:

Step 1 Enter global configuration mode.
Step 2 Enable periodic re-authentication of the client, which is disabled by default, with the dot1x re-authentication command.
Step 3 Set the number of seconds between re-authentication attempts with the dot1x timeout re-authperiod seconds command. The range is 1 to 4294967295 and the default is 3600 seconds. This command affects the behavior of the switch only if periodic re-authentication is enabled.
Step 4 Return to privileged EXEC mode.
Step 5 Verify the configuration.

To disable periodic re-authentication, use the no dot1x re-authentication global configuration command. To return to the default number of seconds between re-authentication attempts, use the no dot1x timeout re-authperiod global configuration command.

The example in Figure shows how to enable periodic re-authentication and set the number of seconds between re-authentication attempts to 4000.