The authentication timer authorize-keep-aging command configures the aging time for entries of online users who retain original network access rights.
The undo authentication timer authorize-keep-aging command restores the default setting.
By default, the aging time for entries of online users who retain the original network access rights is 0. That is, these entries are not aged out by default.
authentication timer authorize-keep-aging aging-time
undo authentication timer authorize-keep-aging
Parameter |
Description |
Value |
|---|---|---|
aging-time |
Specifies the aging time. |
The value is an integer that ranges from 0 or 60 to 4294860, in seconds. |
Usage Scenario
After the authentication event action authorize keep command is run, if the authentication server is Down or does not respond, online users retain the original network access rights. In this case, the device creates entries for the online users who retain the original network access rights. If the authentication server is always Down or does not respond, these users always retain the original network access rights. To prevent this problem, run the authentication timer authorize-keep-aging command to adjust the aging time of these online user entries. When the aging time expires, these online users are logged out.
Precautions
The authentication timer authorize-keep-aging command configuration takes effect after the authentication event authen-server-down action close re-authen command is executed to disable re-authentication when the authentication server is Down.