https://community.cisco.com/t5/network-security/uauth-on-pix/m-p/452781#M531427 <P>Hi, a couple of questions here, firstly I understand the uauth settings on the pix are as follows:</P><P>timeout uauth - 5 mins - Sets the duration before the authentication and authorization cache times out and the user has to re-authenticate the next connection. </P><P>timeout xlate - 3 hours - Specifies the idle time until a translation slot is freed; the minimum value is one minute. </P><P>timeout conn - 1 hour - Specifies the idle time after which a connection closes; the minimum duration is five minutes. </P><P></P><P>Just wanting to get my head around some things:</P><P>1. if the timeout uauth is set to 5 mins, just what does this mean. Does it mean that if I authenticate and start an rdp session to host A, then that session is ok until I disconnect in a couple of hours, but if I try to start a another connection to host B after that first 5 minutes I then have to reauth first to get that new connection to B going ??</P><P></P><P>2. What conditions causes the need for a re-auth first, (e.g. loss off all connections, conn timer expired, xlate timer expired or auth timer expired etc) I would have thought the disconnection of session would trigger the timeout conn of one hour - so if I disconnected, then came back 55 minutes later I could still get to that session I previously had open..... </P><P></P><P>thanks in advance</P> Fri, 21 Feb 2020 08:29:05 GMT itchampnz 2020-02-21T08:29:05Z https://community.cisco.com/t5/network-security/uauth-on-pix/m-p/452781#M531427 <P>Hi, a couple of questions here, firstly I understand the uauth settings on the pix are as follows:</P><P>timeout uauth - 5 mins - Sets the duration before the authentication and authorization cache times out and the user has to re-authenticate the next connection. </P><P>timeout xlate - 3 hours - Specifies the idle time until a translation slot is freed; the minimum value is one minute. </P><P>timeout conn - 1 hour - Specifies the idle time after which a connection closes; the minimum duration is five minutes. </P><P></P><P>Just wanting to get my head around some things:</P><P>1. if the timeout uauth is set to 5 mins, just what does this mean. Does it mean that if I authenticate and start an rdp session to host A, then that session is ok until I disconnect in a couple of hours, but if I try to start a another connection to host B after that first 5 minutes I then have to reauth first to get that new connection to B going ??</P><P></P><P>2. What conditions causes the need for a re-auth first, (e.g. loss off all connections, conn timer expired, xlate timer expired or auth timer expired etc) I would have thought the disconnection of session would trigger the timeout conn of one hour - so if I disconnected, then came back 55 minutes later I could still get to that session I previously had open..... </P><P></P><P>thanks in advance</P> Fri, 21 Feb 2020 08:29:05 GMT https://community.cisco.com/t5/network-security/uauth-on-pix/m-p/452781#M531427 itchampnz 2020-02-21T08:29:05Z https://community.cisco.com/t5/network-security/uauth-on-pix/m-p/452782#M531429 <HTML><HEAD></HEAD><BODY><P>timer uauth command has two options. absolute and inactivity. Absloute timer expires every 5 mins and you will have to re authenticate every 5 mins. If you enable inactivity timer, then you will have to reauthenticate only if the connection is left inactive for 5 mins.</P><P></P><P>The following link explains the different options for this command:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/tz.htm#wp1026093" target="_blank">http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/tz.htm#wp1026093</A></P><P></P><P></P></BODY></HTML> Wed, 02 Nov 2005 17:11:30 GMT https://community.cisco.com/t5/network-security/uauth-on-pix/m-p/452782#M531429 vkapoor5 2005-11-02T17:11:30Z