HP-UX AAA Server A.08.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software

391

392

393

394

395

396

397

398

399

400

Table 107 Default LAS Session Timing Parameters (continued)

DescriptionDefaultParameter

counted as a simultaneous session. This parameter us only

used for Hunt-groups.

Tells LAS when to remove a session when it is in the

Not-Confirmed, Disconnected, Rejected, Collided, or

Rebooted state.

300 seconds (5

minutes)

Session-Kill-Time

States the time interval to check the session table.300 seconds (5

minutes)

Session-Check-Time

Tells when to remove a session when it is in a suspended

state.

172800 seconds

(48 hours)

Session-Clear-Time

Tells LASCP Authentication/Authorization Travel Vector

(AATV) how long to wait for checkpoint messages before

suspending a session.

915 seconds (15

minutes and 15

seconds)

Session-Idle-Time

States the maximum number of sessions that can be held in

the Session Table. When this number is met, authentication

2147483647

number of sessions

(maximum allowed)

Session-Table-Limit

requests that would normally result in a new session are

ignored.

Specifies how often status of sessions are to be updated.5 secondsSession-Update-Time

Specifies how long a token may be held after a session is

accepted yet no confirmation is received after the request

5 secondsToken-Hold-Adjustment

is released by the engine. A token may be held up to hold

time (<30 seconds) plus Token-Hold-Adjustment.

Specifies the interval for the LAS to save the session table if

there’s any change.

300 seconds (5

minutes)

Auto-Save

Token Pool Configuration

This section the token pools, and the number of tokens for each token pool. Token pools are used

for limiting the total number of simultaneous sessions for a given realm.

Below is the syntax of a token pool configuration

Tokenpool

token-pool-Name number-of-tokens

. . .

End-Tokenpool

token-pool Name of the token pool

number-of-tokens Number of tokens in the token pool.

Example

Tokenpool

Sample-pool 4

End-Tokenpool

Realm Configuration

This section lists realms by name and, optionally, any services, token pools or any custom AATV

support for a realm. A realm entry las.conf is required to perform session tracking. The default

server behavior is to log accounting messages locally, whether the server processes Access-Request

messages locally or sends them to a proxy server. If a realm entry exists in the las.conf file, the

server will send accounting messages to the remote server that processed the authentication for

the corresponding user. The las.conf realm entries must have corresponding realm entries in

the Server Manager’s Define Realm screen, which can be accessed through the Local Realms link

on the Server Manager.

Syntax of Realm configuration

394 Configuration Files