Reply
Contributor I

aaa timers

Hi,

somebody tell me, about what's the function of these three parameters ?

User idle timeout = 5 minutes
Auth Server dead time = 10 minutes
Logon user lifetime = 5 minutes

Regards

Alex.
Aruba Employee

Re: aaa timers

User idle timeout is the time the controller will monitor a user for activity before it begins to send packets (pings and/or gratuitous ARP depending on the version of AOS) to determine if the user is still active. If the client responds, the controller doesn't clean up the session. If the client doesnt respond, the controller removes the user.

Auth server dead time is the time the controller will keep a RADIUS or LDAP server out of service if it fails to respond to an authentication request.

Logon user lifetime is the time a user is allowed to sit in the "logon" role before the controller assumes they are not going to authenticate and removes the user. The client is free to reconnect, though.