Actually, max-req represents the maximum number of retries a switch attempts (if it needs to) for EAP-Request frames of types other than EAP-Identity-Request.

Or in other words, say a supplicant disappears (or goes bonkers) in the middle of an authentication attempt. The switch would re-transmit an EAP-Data-Request frame it did not get a response to twice (if you assume max-req = 3) before giving up on the auth attempt completely.

So apologies for being too literal, but what do you meand by "configure multiple attempts"?

Thanks,

My customer wants the user to be able to have more no of attempts to provide the username & password in the event of the user providing wrong information. AT the moment the switch provides 3 attempts. I have configured the max req = 5 but still it provides only 3 attempts in total. Is there some thing i am missing?

What supplicant are you using? I have been doing some testing using the Windows built-in supplicant (Windows 2000) and have found that Windows seems to surpress subsequent authentication attempts after the 3rd failure. Debugging shows the switch still sending the EAPOL frames to the client but the client just ignores them. You can manually restart the 'Wireless Configuration Service' on the client and the logon dialogue box appears again, either that or unplug the ethernet cable and re-connect it.

It maybe soemthing that can be increased on the client through a registry setting but I haven't found anything yet.

HTH

Andy