02-01-2023 04:12 AM
Is there a possibility to enable a periodic reauthentication of rejected 802.1x/MAB Clients?
When I configure authentication timer reauthenticate <time> or authentication timer reauthenticate server on an interface I see the Session Timeout only for permitted clients: Session timeout: 3600s (server), Remaining: 3587s or Session timeout: 120s (local), Remaining: 99s. When the Client is rejected by ISE I see always: Session timeout: N/A no matter if I configure a local timer or I add a reauth-timer to the DenyAccess on ISE.
Background: Whe had a problem with ISE which rejected Clients due to a licensing problem and all these clients had to be reauthenticated later. So I was asked if it would be possible to reauthenticate rejected clients on the Switch.
02-01-2023 06:07 AM
do you also have the command "authentication periodic" in addition to the authentication timer in your config?
02-01-2023 06:11 AM
Yes, it's included.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide