6-28
RADIUS Authentication, Authorization, and Accounting
Cached Reauthentication
authentication have been changed from their default values. The period of
time represented by X is how long 802.1X or Web MAC authentication will wait
for a RADIUS response.
For example:
1. A cached-reauth-period is set to 900 seconds (15 minutes) and the reauth
period is 180 seconds.
2. A client is successfully authenticated or reauthenticated.
3. The RADIUS server becomes unavailable. In 180 seconds from the authen-
tication in step 1, 802.1X or Web/MAC authentication initiates reauthenti-
cation.
4. In X seconds after the initiation of authentication in step 3 (1 to 30 seconds
if default values for 802.1X or Web/MAC authentication are used), 802.1x
or Web/MAC authentication receives notification that the RADIUS server
is unavailable.
5. 802.1X or Web/MAC authentication allows the first cached reauthentica-
tion and starts the cached reauth period.
6. A number of cached reauthentications occur within the 900 seconds after
the start of the cached reauth period in step 5. These have a period of 180
+ X seconds.
7. The cached reauthentication period (900 seconds) ends.
8. The next reauthentication begins 180 seconds after the last cached reau-
thentication.
9. In X seconds after the reauthentication in step 8, 802.1X or Web/MAC
authentication receives notification that the RADIUS server is still
unavailable.
10. 802.1X or Web/MAC authentication terminates the client’s session.
Determining the Maximum Amount of Time Before Client Session
Termin ation.
1. The maximum amount of time between step 2 and step 3 is 180 seconds.
2. The amount of time between step 3 and step 5 is X seconds.
3. The reauthentication in step 8 happens less than 180 seconds after step 7,
and step 7 happens in 900 seconds after step 5. The maximum amount of
time between step 5 and step 8 is 900 + 180 seconds.
To Next Page
Loading...
