The dot1x reauthenticate command configures re-authentication for online 802.1X authentication users.
The undo dot1x reauthenticate command restores the default configuration.
By default, re-authentication is not configured for online 802.1X authentication users.
Usage Scenario
After modifying the authentication parameters of a user on the authentication server, the administrator must re-authenticate the user in real time to ensure user validity if the user has been online.
After the user goes online, the device saves authentication parameters of the user. After re-authentication is configured for online 802.1X authentication users using the dot1x reauthenticate command in the 802.1X access profile, the device automatically sends the user authentication parameters in the 802.1X access profile to the authentication server at an interval (specified using the dot1x timer reauthenticate-period reauthenticate-period-value command) for re-authentication. If the user authentication information on the authentication server remains unchanged, the users are kept online. If the information has been changed, the users are disconnected and need to be re-authenticated based on the changed authentication parameters.
Precautions
After re-authentication is configured for online 802.1X authentication users, a large number of 802.1X authentication logs are generated.
This function takes effect only for users who go online after this function is successfully configured.
If the device is connected to a server for re-authentication and the server replies with a re-authentication deny message that makes an online user go offline, it is recommended that you locate the cause of the re-authentication failure on the server or disable the re-authentication function on the device.