Your NAS may support the Session-Timeout
/Idle-Timeout
attributes which you can include in the Access-Accept.
- http://freeradius.org/rfc/rfc2865.html#Session-Timeout
- http://freeradius.org/rfc/rfc2865.html#Idle-Timeout
These will trigger periodic re-authentication, Session-Timeout
after a fixed period, Idle-Timeout
after a period of inactivity. Out of the two Session-Timeout
is more widely supported.
You may also need to include Terminate-Action
for the timeout values to be honoured.
Destroying and recreating sessions may cause disruption for your users so you should check how your NAS and client devices behave in a development environment first.
Other than the aforementioned timeout attributes and a PoD/DM (Packet of Disconnect/Disconnect Message) there is no standards based method of terminating a user's session.