Table of Contents
Advertisement
HP Switch(config)# aaa port-access web-based 6-8 cached-reauth-period 86400
Figure 6-12. Example of Configuring the Maximum Number of Consecutive Cached Reauthentications
Syntax: [no] aaa authentication <port-access | web-based | mac-based >
<primary method>
< secondary-method>
Allows reauthentications to succeed when the RADIUS server
is unavailable. Users already authenticated retain their
currently-assigned session attributes.
The primary methods for port-access authentication are local,
chap-radius, or eap-radius.
The primary method for web-based or mac-based authentica-
tion is chap-radius.
The secondary methods can be none, authorized, or cached-
reauth.
The default secondary authentication for all types of port
access remains "none".
Syntax: [no] aaa port-access <authenticator | web-based | mac-based> <port-
list>
cached-reauth-period [1-2147483647]
Configures the period of time (in seconds) during which
cached reauthentication is allowed on the port.
Default: No limit is set.
Timing Considerations
The reauth period when the RADIUS server is unavailable is the configured
reauth period plus an additional X seconds, where X can vary from 1 to
approximately 30 seconds in most cases, depending on the number of RADIUS
servers and other RADIUS parameters. This period of time can be more or less
than 30 seconds if the default "server-timeout" values for 802.1X or Web/MAC
RADIUS Authentication, Authorization, and Accounting
The cached-reauth-period is set to 86400 seconds (1440
minutes, or 24 hours).
Cached Reauthentication
6-27
Hide quick links:
Advertisement
Table of Contents
