AAA, NAC, Guest Access & BYOD

Reply
New Contributor
guidom58
Posts: 2
Registered: ‎08-15-2011

Machine and User Authentication

We verify that a computer has both a user cert and machine cert from our PKI before allowing it on the wireless. the problem we seem to have is that when a laptop goes into sleep mode it loses machine auth. you have to reboot or logout and log back in to reconnect. The clients are Windows 7. Anyone seen anything like this?

Moderator
cjoseph
Posts: 12,671
Registered: ‎03-29-2007

Re: Machine and User Authentication

Your machine only "machine authenticates" if it is at the ctrl-alt-delete screen.  There is a timer in in the 802.1x profile under advanced that says how long the controller remembers that a machine has "machine authenticated" after being at the ctrl-alt-delete screen.  It is the "Machine Authentication Cache Timeout" parameter and by default it is only 24 hours, so your machine would have to be at the ctrl-alt-delete screen every 24 hours for the controller to know that it has machine authenticated.

 

You can find this timer by going to configuration> security> authentication> l2 authentication> 802.1x profile.  Find the profile that corresponds to your WLAN and under advanced, the "Machine Authentication Cache Timeout" parameter should be there.  Extend it as long as you need, so that your users do not have to be log off then log on again.


Colin Joseph
Aruba Customer Engineering
Frequent Contributor I
HeyEddie
Posts: 100
Registered: ‎06-17-2009

Re: Machine and User Authentication

Is there a machine auth default timeout for Instant? If so, is there way to change it?
Eddie Forero | @HeyEddie
Principal, CommunicaONE Inc.
ACCP, ACMX #365, CWNA
Search Airheads
Showing results for 
Search instead for 
Do you mean