02-01-2023 04:12 AM
Is there a possibility to enable a periodic reauthentication of rejected 802.1x/MAB Clients?
When I configure authentication timer reauthenticate <time> or authentication timer reauthenticate server on an interface I see the Session Timeout only for permitted clients: Session timeout: 3600s (server), Remaining: 3587s or Session timeout: 120s (local), Remaining: 99s. When the Client is rejected by ISE I see always: Session timeout: N/A no matter if I configure a local timer or I add a reauth-timer to the DenyAccess on ISE.
Background: Whe had a problem with ISE which rejected Clients due to a licensing problem and all these clients had to be reauthenticated later. So I was asked if it would be possible to reauthenticate rejected clients on the Switch.
02-01-2023 06:07 AM
do you also have the command "authentication periodic" in addition to the authentication timer in your config?
02-01-2023 06:11 AM
Yes, it's included.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: