The set protocols dot1x interface session-timeout command configures the expire timer for the authenticated session.
set protocols dot1x interface <interface-name> session-timeout <session-timeout>
Specifies the physical interface name. The value could be ge-1/1/1, xe-1/1/2, and so on.
Specifies the expire timer for the authenticated session. The value is an integer that ranges from 300 to 86400, in seconds. The default value is 3600s.
The authenticated session will expire after a period of session-timeout and start a new authentication process. The switch will send request packet to the AAA server or the client after the expire timer for re-authentication.
The AAA server can also issue session-timeout, which takes precedence over the local configuration on the switch. About the processing for session-timeout Attribute issued by the AAA server, see section Response to session-timeout Attribute in Principle of NAC.
Note: Configuration changes will only affect clients who need to do DOT1X authentication later.
- Configure the expire timer for the authenticated session.