Command of the Day

Reply
Aruba Employee

COTD: AAA Idle Timeout and Authentication Server Dead Time

Currently two authentication timers are available for configuration by the administrator - the User Idle Timeout and the Authentication Server Dead Time. These timers are common to all users and radius servers and apply to all servers and users. These timers can be left at the default values for most implementations.
1. Accessing the Configuration page
a. Login to the web interface
b. Click on the Configuration tab from the top menu.
c. On the menu that appears on the left hand side, select Security and under that AAA Servers. This will open the AAA server configuration page.
d. Select the General tab; configure the timers on the resultant page. PATH: Security > AAA Servers > General

2. Set the user idle timeout value. The value of this field is in minutes. . To prevent the user from timing out set the value of this field to 0.
The user idle timeout is the time in minutes for which the switch maintains state of an unresponsive client. If the client does not respond back to the switch within this time, the switch deletes the state of the user. The user will have to re-authenticate to gain access once the user state has been deleted. Set the value of the user idle timeout. The value of this field is in minutes
3. Set the Authentication Server Dead Time value in minutes.
The Authentication Server Dead Time is applied only when there are two or more authentication servers configured. The authentication Server Dead Timeout is the maximum period for which an authentication server is proclaimed dead before being activated again.
Scenario 1: If the authentication server is the only server.
In this case the server is never marked down and all requests are sent to this server irrespective of the timer setting.
Scenario 2: If one or more backup servers are configured.
In this case, once the server (server A) is found to be un-responsive it is marked as down and the subsequent requests are sent to the next server on the priority list. The server A is marked down for the dead time after which it is brought back into the list. If the priority of this server is higher than the server currently servicing the requests, this server (server A) takes over. If it is still non-accessible, it will be marked down for the Authentication Server Dead Time Period
4. Once the values are set click the APPLY tab before moving onto another page or closing the browser. Failure to do this will result in the loss of configuration and the user will have to reconfigure the settings.
5. To save the configuration, click the Save Configuration tab on the upper right hand corner of the screen.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: