The authentication timer authen-fail-aging command configures the aging time for entries of the users who fail to be authenticated.
The undo authentication timer authen-fail-aging command restores the default aging time for entries of the users who fail to be authenticated.
By default, the aging time for entries of the users who fail to be authenticated is 23 hours.
authentication timer authen-fail-aging aging-time
undo authentication timer authen-fail-aging
| Parameter | Description | Value |
|---|---|---|
| aging-time | Specifies the aging time. |
The value is an integer that ranges from 0 or 60 to 4294860, in seconds. The value 0 indicates that the entry does not age. |
Usage Scenario
After network access policies are configured for users who fail to be authenticated, the device creates entries for these users. If the user still fails to be authenticated when the user aging time expires, the user entry is deleted.
The entries of the users who fail to be authenticated share device resources with the entries of the users who are authenticated. If there are excess entries of the users who fail to be authenticated, other users fail to be authenticated. To solve this problem, run the authentication timer authen-fail-aging command to reduce the aging time for entries of the users who fail to be authenticated. In addition, if the time that the users who fail to be authenticated have network access policies should be shortened, you can run this command to decrease the aging time for the user entries.
Precautions
This function takes effect only for users who go online after this function is successfully configured.
Only wired users support this function.