set protocols dot1x interface session-timeout
The set protocols dot1x interface session-timeout command configures the expire timer for the authenticated session.
Command Syntax
set protocols dot1x [interface <interface-name>] session-timeout <session-timeout>
Parameter
Parameter | Description |
interface <interface-name> | Optional. Specifies the physical interface name. The value could be ge-1/1/1, xe-1/1/2, and so on. If no interface is specified, it represents a global configuration. |
session-timeout <session-timeout> | Specifies the expire timer for the authenticated session. The value is an integer that ranges from 0 to 86400, in seconds. The default value is 3600s. Note that, “0” indicates authenticated session will never expire. |
Usage Guidelines
The authenticated session will expire after a period of session-timeout and start a new authentication process. The switch will send request packet to the AAA server or the client after the expire timer for re-authentication.
The AAA server can also issue session-timeout, which takes precedence over the local configuration on the switch. About the processing for session-timeout Attribute issued by the AAA server, see section Response to session-timeout Attribute in Principle of NAC.
Note:
The session timeout configuration based on an interface takes precedence over that of the global configuration.
Configuration changes will only affect clients who need to do DOT1X authentication later.
Example
Configure the global session expire timer for the authenticated session.
admin@Xorplus# set protocols dot1x session-timeout 1800
admin@Xorplus# commitCopyright © 2025 Pica8 Inc. All Rights Reserved.