Table of Contents
Advertisement
clear multiauth session-timeout
clear multiauth session-timeout
Use this command to reset the maximum number of consecutive seconds an authenticated session
may last before termination of the session to its default value of 0.
Syntax
clear multiauth session-timeout [dot1x | mac | pwa]
Parameters
dot1x
mac
pwa
Defaults
If no authentication method is specified, the session timeout value is reset to its default value of 0
for all authentication methods.
Mode
Switch mode, read‐write.
Example
This example resets the session timeout value for the IEEE 802.1X authentication method to 0
seconds.
C3(su)->clear multiauth session-timeout dot1x
Configuring User + IP Phone Authentication
User + IP phone authentication is a legacy feature that allows a user and their IP phone to both use
a single port on the
daisy‐chained together with a single connection to the network.
This special application of multi‐user authentication was inherited from legacy platforms (such as
the B2 and C2) that could not natively support multiple users per port. The SecureStack C3 can
support multiple users per port so the User + IP phone application should only be used if you are
integrating SecureStack C3s into a legacy deployment.
With ʺUser + IP Phoneʺ authentication, the policy role for the IP phone is statically mapped using
a policy admin rule which assigns any packets received with a VLAN tag set to a specific VID (for
example, Voice VLAN) to an specified policy role (for example, IP Phone policy role). Therefore, it
is required that the IP phone be configured to send VLAN‐tagged packets tagged for the "Voice"
VLAN. Refer to the Usage section for the command "set policy rule" on page 11‐10 for additional
information about configuring a policy admin rule that maps a VLAN tag to a policy role.
Note that if the IP phone authenticates to the network, the RADIUS accept message must return
null values for RFC 3580 tunnel attributes and the Filter‐ID.
26-48 Authentication and Authorization Configuration
(Optional) Specifies the IEEE 802.1X port‐based network access control
authentication method for which to reset the timeout value to its
default.
(Optional) Specifies the Enterasys MAC authentication method for
which to reset the timeout value to its default.
(Optional) Specifies the Enterasys Port Web Authentication method for
which to reset the timeout value to its default.
but to have separate policy roles. The user's PC and their IP phone are
switch
- Quick Links:
- Set Ip Address
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the SECURESTACK C3 and is the answer not in the manual?
Questions and answers