set protocols dot1x interface session-timeout
The set protocols dot1x interface session-timeout command configures the expire timer for the authenticated session.
Command Syntax
set protocols dot1x [interface <interface-name>] session-timeout <session-timeout>
Parameter
Parameter | Description |
interface <interface-name> | Optional. Specifies the physical interface name. The value could be ge-1/1/1, xe-1/1/2, and so on. If no interface is specified, it represents a global configuration. |
session-timeout <session-timeout> | Specifies the expire timer for the authenticated session. The value is an integer that ranges from 0 to 86400, in seconds. The default value is 3600s. Note that, “0” indicates authenticated session will never expire. |
Usage Guidelines
The authenticated session will expire after a period of session-timeout and start a new authentication process. The switch will send request packet to the AAA server or the client after the expire timer for re-authentication.
The AAA server can also issue session-timeout, which takes precedence over the local configuration on the switch. About the processing for session-timeout Attribute issued by the AAA server, see section Response to session-timeout Attribute in Principle of NAC.
Note:
- The session timeout configuration based on an interface takes precedence over that of the global configuration.
- Configuration changes will only affect clients who need to do DOT1X authentication later.
Example
- Configure the global session expire timer for the authenticated session.
admin@Xorplus# set protocols dot1x session-timeout 1800 admin@Xorplus# commit
Copyright © 2024 Pica8 Inc. All Rights Reserved.