08-03-2007 04:05 AM - edited 03-09-2019 06:31 PM
I performed a "dot1x debug packet" on a XP supplicant. I had reauth-max-req set to 2 but I observered 3 EAP code=1 (requests) frames, why is it not 2?
Solved! Go to Solution.
08-05-2007 06:04 PM
Apologies for the prior ambiguity. The value "max-reauth-req" is how many times it attempts to authenticate the session after it's already tried at least once. So the default value of 2, would spell 3 EAPOL-Identity-Request frames going out on the wire before entering the DISCONNECTED state, or the Guest-VLAN (depending on the config).
Hope this helps,
08-03-2007 04:18 AM
I don?t remember it from top of my head.
But I think this is what is happening,
[1st attempt] + [2 re-authentication attempt] = 3
Regards,
Prem
08-03-2007 04:25 AM
This is what I thought, the documentation on this topic is vague.
08-05-2007 02:52 PM
Apologies, but wasn't this already answered in the other thread?
08-05-2007 05:59 PM
The other thread addressed the differences in max-req and max-reauth-req but not why I was seeing 3 EAP request frames when max-reauth-req was set to 2.
08-05-2007 06:04 PM
Apologies for the prior ambiguity. The value "max-reauth-req" is how many times it attempts to authenticate the session after it's already tried at least once. So the default value of 2, would spell 3 EAPOL-Identity-Request frames going out on the wire before entering the DISCONNECTED state, or the Guest-VLAN (depending on the config).
Hope this helps,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: