12-29-2016 08:20 AM
We are testing a desing created for distributed venues with Instant cluesters connected through VPN to a centralized authentication site for EAP auth and an Airwave. Apart from the authentication each site will have its own captive portal for guest wifi and also client wifi.
The client is requesting to test different types of profiling with the instant clusters and we are testing them with a FreeRadius. We might be able to offer a ClearPass or a controller based remote sites solution but for pricing purposes we would try to get as much as possible without them.
Could anyone please confirm if we can do any of these with freeradius and instant, or if not if we should add a controller and/or a ClearPass:
- Configure a time limit interval for guests for each day
- Configure a maximum of simultaneous logins with the same user / pass
- Cache the MAC of an authenticated user so it doesnt have to login again. Please explain if its possible to set this cache time (i.e 1 day, 1 week, etc)
- Assign dynamic bandwidth to an SSID or a user. If the other is free take all the BW, if not stick to the max BW.
- Assign dynamic bandwidth to an application. Same as before but for example specify a maximum of 1mb per user for Facebook, but if the system is free of traffic assign all the 10mbps as EIR.
Thanks in advance!
Solved! Go to Solution.
12-29-2016 08:23 AM
ClearPass can do all of this out of the box.
12-29-2016 08:57 AM
I don't believe either controller or Instant can do this but I'll let someone else confirm or deny that. All others should be possible in both architectures.
12-29-2016 09:08 AM
I don't believe that you can support dynamic bandwidth allocation with the IAPs nor controllers. Might be supported in something like a Palo Alto firewall.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
12-29-2016 09:42 AM