10-51
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter10 Managing Access Poli cies
Maximum User Sessions

Network Device Access EAP-FAST Settings Page

Use this page to configure parameters for the EAP-FAST protocol that the NDAC policy uses.
To display this page, choose Access Policies > Security Group Access Control > Network Device
Access.
Related Topics:
Configuring an NDAC Policy, page4-25
Configuring EAP-FAST Settings for Security Group Access, page 4-26
NDAC Policy Page, page 10-48
Maximum User Sessions
For optimal performance, you can limit the number of concurrent users accessing the network reso urces.
ACS 5.4 imposes limits on the number of concurrent service sessions per user.
The limits are set in several different ways. You can set the limits at user level or at group level.
Depending upon the maximum user session configurations, the session count is applied on the user.
Note To make the maximum sessions work for the user access, the administrator should configure the
RADIUS accounting.
Note To make the maximum sessions work for the device management, the administrator sho uld configure the
T+ session authorization and accounting.
This section contains the following topics:
Max Session User Settings, page 10-52
Max Session Group Settings, page 10-52
Max Session Global Setting, page10-53
Purging User Sessions, page10-54
Maximum User Session in Distributed Environment, page 10-55
Maximum User Session in Proxy Scenario, page 10-56
Table10-29 Network Device Access EAP-FAST Settings Page
Option Description
EAP-FAST Settings
Tunnel PAC Time To Live Time to live (TTL), or duration, of a PAC before it expires and requires replacing.
Proactive PAC Update When %
of PAC TTL is Left
Percentage of PAC TTL remaining when you should update the PAC.