The authentication termination-action reauthenticate command configures the device to re-authenticate users when the time exceeds the value of Session-Timeout delivered by the RADIUS server.
The undo authentication termination-action command restores the default setting.
By default, the device is not configured to re-authenticate users when the time exceeds the value of Session-Timeout delivered by the RADIUS server.
Usage Scenario
The RADIUS server uses the Session-Timeout attribute to control the remaining online time of a user, and uses the Termination-Action attribute to determine whether to re-authenticate the user when the timeout interval expires. By default, if the RADIUS server delivers Session-Timeout but no Termination-Action, the device disconnects users when the time exceeds the value of Session-Timeout. To re-authenticate users without modifying the server configuration, you can run this command to configure the device to re-authenticate users when the timeout interval expires.
Precautions
Only 802.1X authentication and MAC address authentication on Layer 2 interfaces support this function.
# In authentication profile authen1, configure the device to re-authenticate users when the time exceeds the value of Session-Timeout delivered by the RADIUS server.
<HUAWEI> system-view [HUAWEI] authentication-profile name authen1 [HUAWEI-authen-profile-authen1] authentication termination-action reauthenticate