Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1334
Views
0
Helpful
4
Replies

ACS 4.2 and User Session Timeout

PatrickKnee
Level 1
Level 1

‎06-29-2009 06:32 AM - edited ‎03-10-2019 04:34 PM

We are upgrading to ACS 4.2 that will be used to authenticate wireless users. It seems that if I limit simultaneous connections (for wireless users) to 1, then disconnect from wireless it takes around 3 minutes for ACS to release that connection so I can log in again. Is there any way I can decrease this time. I've been searching for such a setting but am unable to find anything.

Thanks.

Labels:
0 Helpful
4 Replies 4

Jagdeep Gambhir
Level 10
Level 10

‎06-29-2009 10:05 AM

This function works on the basis of accounting (stop start). Make sure you see "stop" for your username in radius accounting when you disconnect.

If you don't see that troubleshoot the accounting part.

Regards,

~JG

Do rate helpful posts

0 Helpful

PatrickKnee
Level 1
Level 1
In response to Jagdeep Gambhir

‎06-30-2009 04:41 AM

The problem here isn't that it won't "stop", but the time it takes to stop. Is there anyway to decrease the amount of time it takes?

0 Helpful

darpotter
Level 5
Level 5
In response to PatrickKnee

‎06-30-2009 05:56 AM

This is going to be a function of the wireless access point.

ACS will release the session internally as soon as the accounting stop arrives.

I recall with descendants of Aironet gear the RADIUS accounting used to be a bit flakey. Because wireless comes an AP will often wait to see if a client really has gone for good or just dropped out for a short time.

For that reason I do not think you can use ACS max sessions with wireless in a reliable way.

0 Helpful

Jagdeep Gambhir
Level 10
Level 10
In response to PatrickKnee

‎06-30-2009 10:45 AM

See if you have this command available on aaa-client,

aaa accounting update newinfo

This command is used to enable periodic interim accounting records to be sent to the

accounting server .

The full syntax of the command is

aaa accounting update [newinfo] [periodic number [jitter {maximum max-value}]]

Syntax Description

newinfo

(Optional) An interim accounting record is sent to the accounting server whenever there is new accounting information to report relating to the user in question.

periodic

(Optional) An interim accounting record is sent to the accounting server periodically, as defined by the argument number.

number

(Optional) Integer specifying number of minutes.

jitter

(Optional) Allows you to set the maximum jitter value in periodic accounting.

maximum max-value

(Required) The number of seconds to set for maximum jitter in periodic accounting. The

value 0 turns off jitter. Jitter is set to 300 seconds (5 minutes) by default.

That should help

Regards,

~JG

Do rate helpful posts

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents