mahmoud.yasin@ad-tech.com.jo wrote:
Thanks, but...
What is the recommended value for this timeout, as in our case if a device sleeped or hipernated for an undetermined period "which is more than the configured timeout" then it will not be assigned to the data VLAN because the service rules for machine authentciation will not be matched...
So can I set it to never timeout, and is it recommended?
Thanks
The default time is typically sufficient. If a machine has successfully machine authenticated, every time the user authenticates after that, the machine cache is reset. Let me repeat: When a machine authenticates successfully, a countdown timer is started. When a user authenticates after a machine has authenticated successfully, the machine authenticated timeout is reset. So, the timer does not have to reflect how often the computer is rebooted, since every time a user authenticates successfully AFTER a machine successfully authenticates, the machine cache is reset.
You can think of the timer as "If a user does not touch the laptop for X minutes", they will have to reboot it so that it can successfully machine authenticate. There are some users who use their laptops frequently and it is not a problem. There are some users who leave their laptops for days and it also won't be a problem.