Forum Discussion

teemo_13's avatar
teemo_13
Icon for Cirrus rankCirrus
Feb 03, 2023

Configuration Utility Login Timeout

Do you guys know what is the login timeout config for Config Utility? I've found that on SSH, it is LoginGraceTime under sshd.conf.

Is it in the httpd or elsewhere?

application delivery

3 Replies

Sort By
    • teemo_13's avatar
      teemo_13
      Icon for Cirrus rankCirrus
      Feb 04, 2023

      No, that is for when you are already logged in. What I am looking for is the time out when you type in your credentials, then authenticate to an ISE server. That's the timeout I need.

      • mihaic's avatar
        mihaic
        Icon for MVP rankMVP
        Feb 04, 2023

        for example when you create a tacacs for tmsh , you have a timeout you can set:

        (tmos)# create auth tacacs system-auth ?

        Properties:
        accounting    If multiple TACACS+ servers are defined and pluggable authentication module (PAM) session accounting is enabled, sends accounting start and stop packets
        to the first available server or to all servers. The default value is send-to-first-server.
        app-service      The application service that the object belongs to.
        authentication   Specifies the process the system employs when sending authentication requests. The default is use-first-server. use-first-server specifies that the
                     system sends authentication requests to only the first server in the list. use-all-servers specifies that the system sends an authentication request to
                     each server until authentication succeeds, or until the system has sent a request to all servers in the list.
        debug       Enables syslog-ng debugging information at LOG DEBUG level. Not recommended for normal use. The default value is disabled.
        description User defined description.
        encryption  Enables or disables encryption of TACACS+ packets. Recommended for normal use. The default value is enabled.
        protocol    Specifies the protocol associated with the value specified in the service option, which is a subset of the associated service being used for client
                    authorization or system accounting.
        secret      Sets the secret key used to encrypt and decrypt packets sent or received from the server. This option is required.
        servers     Specifies a host name or IP address for the TACACS+ server. This option is required. Possible values are a user-specified string, and none. You must
                    specify a server when you create a TACACS+ configuration object.
        service     Specifies the name of the service that the user is requesting to be authenticated to use. Identifying the service enables the TACACS+ server to behave
                    differently for different types of authentication requests. This option is required.
        timeout     Specifies the connect timeout in seconds