Programmable Internetworking & Communication Operating System Docs ... Click Spaces -> Space Directory to see docs for all releases ...
Page tree
Skip to end of metadata
Go to start of metadata

The set protocols dot1x interface session-timeout command configures the expire timer for the authenticated session.


Command Syntax

set protocols dot1x interface <interface-name> session-timeout <session-timeout>


Parameter

Parameter

Description

interface <interface-name>

Specifies the physical interface name. The value could be ge-1/1/1, xe-1/1/2, and so on.

session-timeout <session-timeout>

Specifies the expire timer for the authenticated session. The value is an integer that ranges from 300 to 86400, in seconds. The default value is 3600s.


Usage Guidelines

The authenticated session will expire after a period of session-timeout and start a new authentication process. The switch will send request packet to the AAA server or the client after the expire timer for re-authentication.

The AAA server can also issue session-timeout, which takes precedence over the local configuration on the switch. About the processing for session-timeout Attribute issued by the AAA server, see section Response to session-timeout Attribute in Principle of NAC.

Note: Configuration changes will only affect clients who need to do DOT1X authentication later.


Example

  • Configure the expire timer for the authenticated session.
admin@Xorplus# set protocols dot1x interface ge-1/1/1 session-timeout 1800
admin@Xorplus# commit
  • No labels