Configuring Authentication Timers

The following procedure describes how to configure authentication timers:

  1. In the Mobility Master node hierarchy, navigate to the Configuration > Authentication > Advanced tab.
  2. Expand Authentication Timers .
  3. Configure the timers as described in Table 1.
  4. Click Submit.
  5. Click Pending Changes.
  6. In the Pending Changes window, select the check box and click Deploy Changes.

Table 1: Authentication Timers

Timer

Description

User Idle Timeout

Maximum period after which a client is considered idle if there is no wireless traffic from the client. The timeout period is reset if there is wireless traffic. If there is no wireless traffic in the timeout period, the client is aged out. Once the timeout period has expired, the user is removed. If the keyword seconds is not specified, the value defaults to minutes at the command line.

Range: 1–255 minutes (30–15300 seconds)

Default: 5 minutes (300 seconds)

Authentication Server dead Time

Maximum period, in minutes, that the managed device considers an unresponsive authentication server to be “out of service.”

This timer is only applicable if there are two or more authentication servers configured on a managed device. If there is only one authentication server configured, the server is never considered out of service, and all requests are sent to the server.

If one or more backup servers are configured and a server is unresponsive, it is marked as out of service for the dead time; subsequent requests are sent to the next server on the priority list for the duration of the dead time. If the server is responsive after the dead time has elapsed, it can take over servicing requests from a lower-priority server; if the server continues to be unresponsive, it is marked as down for the dead time.

Range: 0–50 minutes

Default: 10 minutes

Logon User Lifetime

Maximum time, in minutes, unauthenticated clients are allowed to remain logged on.

Range: 0–255 minutes

Default: 5 minutes

User Interim stats frequency

Sets the timeout value for user stats, reporting in minutes or seconds.

Range: 300-3600 seconds, or 5-60 minutes

Default: 600 seconds

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure timers that you can apply to clients. If the optional seconds keyword is not specified for the idle-timeout and stats-timeout parameters, the value defaults to minutes:

(host)[mynode] (config) #aaa timers

dead-time <minutes>

idle-timeout <time> [seconds]

logon-lifetime <0-255>

stats-timeout <time> [seconds]