Supported Platforms
Controlling Authentication Session Timeouts (CLI Procedure)
For 802.1X and MAC RADIUS authentication sessions, you can specify authentication session timeout values using the reauthentication statement.
The session might also end when the MAC table aging time expires, because the session is removed from the authentication session table when the MAC address is removed from the Ethernet switching table. In order to prevent the session from being removed from the authentication session table, you must disassociate the authentication table from the Ethernet switching table using the no-mac-table-binding statement.
Before you begin:
- Specify the RADIUS server or servers to be used as the authentication server. See Specifying RADIUS Server Connections on an EX Series Switch (CLI Procedure).
- Configure 802.1X authentication on the switch. See Configuring 802.1X Interface Settings (CLI Procedure).
To configure the authentication session time on all interfaces:
[edit]
user@switch# set protocols
dot1x authenticator interface all reauthentication seconds;To configure the authentication session time on a single interface:
[edit]
user@switch# set protocols
dot1x authenticator interface interface-name reauthentication seconds;To disable removal of authentication sessions from the authentication session table when a MAC address ages out of the Ethernet switching table, remove the binding of the authentication table to the Ethernet switching table.
To remove the binding:
[edit]
user@switch# set protocols
dot1x authenticator no-mac-table-binding;
