This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Netlogin issue with 802.1X

Netlogin issue with 802.1X

PeterK
Contributor III

‎01-05-2022 10:29 AM

Hello,
I've currently a issue with 802.1X authentications on Exos.
Session Timeout: 5400sec
Reauth timer: 3600sec

Reauth takes action after 1h. So far so good. But the reauthentication event did not reset the session counter of a 1X session. That causes that the session is terminated after another 30min.

I am wrong in my thinking or is this a bug in Exos?
0 Kudos
4 REPLIES 4

Robert_Haynes
Extreme Employee

‎01-06-2022 08:35 AM

I would think the session-timeout parameter, if set, is a global maximum timer set for the session. Period. The session is only allowed to last 5400s (in your case) and upon reaching this timeout, terminated. I think it's use is more attune to daily limits. i.e. you would set a session-timeout of 8 hours to cover a general business day allowing users to authenticate to the port but not remain connected past the end of the day. Or in a coffee shop you would set it to one hour to allow a transient guest to use the services but be terminated shortly after they leave.

Otherwise re-authentication simply forces the client to re-authenticate, calculate new keys, etc.
0 Kudos

OscarK
Extreme Employee

‎01-06-2022 02:50 AM

Could be a bug but I rather think this is a config issue. Could be fdb timeout or something else that clears the session.
The log should tell you what did terminate the session, idle timeout or something else.
0 Kudos

PeterK
Contributor III
In response to OscarK

‎01-06-2022 04:25 AM

Thanks Oscar,

thanks for your answer.
The session is definitely terminated by reaching the session timeout. When I set the session timeout to 0 it's working.

But, from my understanding, a reauthentication should reset the session timer. And this isn't.

Reauthentication takes action. I can see this on switch-CLI by checking reauth-timer and in Extreme Control Endsystem history.
0 Kudos

OscarK
Extreme Employee
In response to PeterK

‎01-06-2022 05:56 AM

It could be the mac session disconnects the client ?
But I would log a case and get this investigated.
0 Kudos
GTM-P2G8KFN