Session-stop on timer expiry?

Jouni Malinen jkmaline at cc.hut.fi
Fri Nov 10 10:05:44 EST 2006


On Thu, Nov 09, 2006 at 12:57:12PM +0100, Zoltan HERPAI wrote:

> Does hostapd support closing an authenticated port on a session timeout? 
> I've seen such behaviour in hotspot infrastructures, whereas either the 
> client is disconnected or the traffic is blocked after the expiry of a 
> timer - which could be an AVP like Session-Timeout or Idle-Timeout. I 
> would like to do the same, but with a port authenticated with 
> EAP-PEAP/MSCHAPv2.

Yes, hostapd supports Session-timeout attribute to limit the amount of
time a user can remain connected without re-authenticating (i.e., this
requires IEEE 802.1X). At the end of the session, hostapd will start
re-authenticating the client and only if the authentication server
allows this to happen, will the client be allowed to continue using the
network.

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list