White Paper
© 2015 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information
Page 10 of 19
White Paper
Timer Considerations
Switch CLI
Default
Comments
radius-server timeout
5 sec
Use default settings. If you configure both global
and per Radius server timeout, the per-server timer
will override global timer. Please note, switch will
attempt to reach radius server three times after
which it will timeout – (3 X 5 sec = 15 sec).
authentication periodic
Disabled
Enable on port if you like to set reauthentication
timer on the switch or to have the switch use a
RADIUS-provided session timeout. Radius
provided timeout is more scalable and easier to
manage.
authentication timer inactivity
Disabled
After enabling periodic re-authentication on a
port, if there is no activity from the client for the set
time then client is unauthorized
authentication timer
reauthenticate
3600
sec
After enabling periodic re-authentication on a
port, an automatic re-authentication attempt is
initiated after timer expiry. When periodic re-
authentication is not enabled on a port it sets
the number of seconds that the switch waits for a
response to an EAP-request/identity frame from
the client before resending the request.
authentication timer restart
60 sec
After enabling periodic re-authentication on a
port, an attempt is made to authenticate an
unauthorized port after timer expiry