cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1842
Views
0
Helpful
1
Replies

ASA Uauth Absolute Timeout

Alex Pfeil
Level 7
Level 7

Can somebody explain what the absolute timeout is for a user authentication? Does it mean after this specific time, you have to authenticate again?

1 Accepted Solution

Accepted Solutions

Alex Pfeil
Level 7
Level 7

The official answer is that after 5 idle minutes, the user authentication is reset. I believe the idle time starts counting after they login.

Since it was only 5 minutes, I went ahead and ran a test. I caught a user that had been logged in for 12 seconds.  When the idle time hit 5:00 minutes, it gets rid of the authenticated user.  I even caught the user being removed from the show uauth with 1 Authenticated user still in the command.  After running the command shortly after, it showed 0 Authenticated users.

 

NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       1          4
Authen In Progress        0          11
user 'username' at 10.1.2.3, authenticated (idle for 0:00:12)
   absolute   timeout: 0:05:00
   inactivity timeout: 0:00:00
NotmyASAname#

user 'username' at 10.1.2.3, authenticated (idle for 0:04:59)
   absolute   timeout: 0:05:00
   inactivity timeout: 0:00:00
NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       1          4
Authen In Progress        0          11
NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       0          4
Authen In Progress        0          11
NotmyASAname#  show uauth

View solution in original post

1 Reply 1

Alex Pfeil
Level 7
Level 7

The official answer is that after 5 idle minutes, the user authentication is reset. I believe the idle time starts counting after they login.

Since it was only 5 minutes, I went ahead and ran a test. I caught a user that had been logged in for 12 seconds.  When the idle time hit 5:00 minutes, it gets rid of the authenticated user.  I even caught the user being removed from the show uauth with 1 Authenticated user still in the command.  After running the command shortly after, it showed 0 Authenticated users.

 

NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       1          4
Authen In Progress        0          11
user 'username' at 10.1.2.3, authenticated (idle for 0:00:12)
   absolute   timeout: 0:05:00
   inactivity timeout: 0:00:00
NotmyASAname#

user 'username' at 10.1.2.3, authenticated (idle for 0:04:59)
   absolute   timeout: 0:05:00
   inactivity timeout: 0:00:00
NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       1          4
Authen In Progress        0          11
NotmyASAname#  show uauth
                        Current    Most Seen
Authenticated Users       0          4
Authen In Progress        0          11
NotmyASAname#  show uauth

Review Cisco Networking for a $25 gift card