cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
298
Views
5
Helpful
2
Replies

Periodic reauthentication for rejected 802.1x Clients

StefanUlrich
Level 1
Level 1

Is there a possibility to enable a periodic reauthentication of rejected 802.1x/MAB Clients? 

When I configure authentication timer reauthenticate <time> or authentication timer reauthenticate server on an interface I see the Session Timeout only for permitted clients:  Session timeout: 3600s (server), Remaining: 3587s  or Session timeout: 120s (local), Remaining: 99s. When the Client is rejected by ISE I see always: Session timeout: N/A no matter if I configure a local timer or I add a reauth-timer to the DenyAccess on ISE.

Background: Whe had a problem with ISE which rejected Clients due to a licensing problem and all these clients had to be reauthenticated later. So I was asked if it would be possible to reauthenticate rejected clients on the Switch. 

2 Replies 2

pieterh
VIP
VIP

do you also have the command "authentication periodic" in addition to the authentication timer in your config?

   

Yes, it's included.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card