Security

Reply
New Contributor
Posts: 2
Registered: ‎01-27-2012

Amigopod / ClearPass Guest Questions - Misc

I have a few misc questions about the ClearPass Guest / Amigopod.

 

We have a partial deployment (using the database for 802.1x PEAP) and are now tacking on the self-registration / guest portal to a new WLAN and I have a few general questions.  I've already spent a fair amount of time with the KB / documentation.

 

- How do I have to have things setup so the account expiry for the self-registration created accounts can be set BELOW 24 hours? It doesn't appear to accept a number lower (get expiry field errors, even though it accepts a default field value of 10, when I lower the number below its default of 24)

 

- Does the system handle session timeouts? If so, how? (IE - timeout after an hour of inactivity) Do I have to just manage this on the controller and kill the sessions altogether?

 

- Is there a way to send a user their account name / password by default when their password is changed by an operator? (I have played with the form fields, but haven't come up with anything)

 

- Is there any mechanism for users to deal with their own account expiry, besides leaning on an operator?

 

I appreciate any responses greatly.

 

Thank you,

 

-J

MVP
Posts: 517
Registered: ‎05-11-2011

Re: Amigopod / ClearPass Guest Questions - Misc

Hello Jeremy!

 

Note - my experience is on pre-3.9.. Also I don't know if your scenario involves Sponsor confimation, so just add more information if the answers below isn't sufficient.

 

Account-expiration

Edit the self-registration. Click on Register Page - Form. Edit the "Expire after" field. Value can be 1 or higher.

 

Timeouts

This you handle on the Controller under Authentication/Advanced. User Idle Timeout.

To get more detailed statistics on your Clearpass you should enable "RADIUS Interim Accounting" in the aaa-profile.

 

Auto-send username/pw

In a self-registration scenario I don't really see a need for the Operator to do anything, since the guest can just re-register and the account will be updated both with new expiration and password.

 

Still - I don't think it's possible to auto-send on other actions than create, so you will have to click on Send receipt after the password update

To accomplish this you will have to add is under Customization/Guest Manager. Check the "Password Display" option, and note the comments on this field as in what kind of access the operator will need.

Once the Operator has done Reset Password / Update Account he/she will be presented the options to print or send by SMS (if this is configures).

You can configure different Email templates to customise your need.

 

User handling account expiration

As mentioned above - with Guest Self-Registration they can just register again once expiration occurs.

 



Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: