Name
Session-Timeout
Synopsis
|
Attribute Number |
27 |
|
Length |
6 |
|
Value |
INTEGER |
|
Allowed in |
Access-Accept, Access-Challenge |
|
Prohibited in |
Access-Request, Access-Reject |
|
Presence in Packet |
Not required |
|
Maximum Iterations |
1 |
This attribute indicates the maximum length of time in seconds that a user may remain connected to the network before the RADIUS client will kick him off. This is primarily used to enforce connect-time limits on certain account package types or to prevent camping on a line. (Camping is when a user treats a non-dedicated connection, such as a dial-up account, as a dedicated connection by keeping the line up 24 hours a day, 7 days a week.)
Much like the Idle-Timeout attribute, there are
many software packages meant for the client side that detect a
disconnected session and immediately reconnect it. There is no
inherent mechanism on the RADIUS server, at least as specified in the
RFC, to prevent usage of this software, since the
Session-Timeout value is just a counter that is
stateless and memory-less. It can be and is reset each time a new
connection is made.
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
