Cisco PIX 500 Series Configuration Manual page 729

Security appliance command line

Hide thumbs Also See for PIX 500 Series:

Administration manual (653 pages)

Quick start manual (72 pages)

User manual (60 pages)

Table of Contents

Configuring Network Admission Control

Retransmission retry timer

When the security appliance sends an EAP over UDP message to the remote host, it waits for a

response. If it fails to receive a response within n seconds, it resends the EAP over UDP message.

By default, the retransmission timer is 3 seconds. To change this value, enter the following command

in global configuration mode:

eou timeout retransmit seconds

seconds is a value in the range 1 to 60.

The following example changes the retransmission timer to 6 seconds:

hostname(config)# eou timeout retransmit 6

hostname(config)#

To change the retransmission retry timer to its default value, use the no form of this command, as

no eou timeout retransmit

For example:

hostname(config)# no eou timeout retransmit

hostname(config)#

Retransmission retries

When the security appliance sends an EAP over UDP message to the remote host, it waits for a

response. If it fails to receive a response, it resends the EAP over UDP message. By default, it retries

up to 3 times. To change this value, enter the following command in global configuration mode:

eou max-retry retries

retries is a value in the range 1 to 3.

The following example limits the number of EAP over UDP retransmissions to 1:

hostname(config)# eou max-retry 1

hostname(config)#

To change the maximum number of retransmission retries to its default value, use the no form of

this command, as follows:

no eou max-retry

For example:

hostname(config)# no eou max-retry

hostname(config)#

Session reinitialization timer

When the retransmission retry counter matches the max-retry value, the security appliance

terminates the EAP over UDP session with the remote host and starts the hold timer. When the hold

timer equals n seconds, the security appliance establishes a new EAP over UDP session with the

remote host. By default, the maximum number of seconds to wait before establishing a new session

is 180 seconds. To change this value, enter the following command in global configuration mode:

eou timeout hold-period seconds

seconds is a value in the range 60 to 86400.

Changing Global NAC Framework Settings

Cisco Security Appliance Command Line Configuration Guide

Troubleshooting

Asa 5500 series

Cisco PIX 500 Series Configuration Manual page 729

Troubleshooting

Related Manuals for Cisco PIX 500 Series

Related Products for Cisco PIX 500 Series

This manual is also suitable for:

Table of Contents