AAA, NAC, Guest Access & BYOD

How to limit simultaneous active sessions from a given user using CPPM

by on ‎07-16-2014 05:30 AM - edited on ‎07-09-2016 03:44 AM by Guru Elite Guru Elite

UPDATE 7/9/2016:  Please use the more up-to-date method here:  http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-to-deny-access-for-authentication-request-based-on-session/ta-p/183304

 

You can click on Article Options> Article History if you want to see the older version.

Comments
tpugielli

I just implemented this. I set my rule for less than 2 and I can get two devices on. I setup the DB and made a role mapping similiar to the above and added this as an Additional authorization sources from which to fetch role-mapping attribute but I can still get two devices on using the same credentials. Where can I check to see what may be going wrong?

tpugielli

to quickly add, the Authorization:Active_Session_Count_Tracker:session_count 0 shows up in the access tracker.

rajo7

Hi,

 

So what's the difference between this method and the one mentioned here?

Which one is better to use?

I tried the Insight db method and found that the query returns the correct value after few minutes.

 

Thanks

Hi Raj,

The current method which you are using is good, please follow the same.

The method in this article will query the Log database and the one which you are using will query the Insight database. Insight DB is better place to fetch the active/simultaneous session details.

Note: Insight or Log database will need the RADIUS accounting stop packet from the controller/switch for the clients that are no longer in the network to provide the correct value.
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.