08-03-2007 04:05 AM - edited 03-09-2019 06:31 PM
I performed a "dot1x debug packet" on a XP supplicant. I had reauth-max-req set to 2 but I observered 3 EAP code=1 (requests) frames, why is it not 2?
Solved! Go to Solution.
08-05-2007 06:04 PM
Apologies for the prior ambiguity. The value "max-reauth-req" is how many times it attempts to authenticate the session after it's already tried at least once. So the default value of 2, would spell 3 EAPOL-Identity-Request frames going out on the wire before entering the DISCONNECTED state, or the Guest-VLAN (depending on the config).
Hope this helps,
08-03-2007 04:18 AM
I don?t remember it from top of my head.
But I think this is what is happening,
[1st attempt] + [2 re-authentication attempt] = 3
Regards,
Prem
08-03-2007 04:25 AM
This is what I thought, the documentation on this topic is vague.
08-05-2007 02:52 PM
Apologies, but wasn't this already answered in the other thread?
08-05-2007 05:59 PM
The other thread addressed the differences in max-req and max-reauth-req but not why I was seeing 3 EAP request frames when max-reauth-req was set to 2.
08-05-2007 06:04 PM
Apologies for the prior ambiguity. The value "max-reauth-req" is how many times it attempts to authenticate the session after it's already tried at least once. So the default value of 2, would spell 3 EAPOL-Identity-Request frames going out on the wire before entering the DISCONNECTED state, or the Guest-VLAN (depending on the config).
Hope this helps,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide