Security

Reply
Contributor II
Posts: 43
Registered: ‎12-14-2011

Bandwidth Quotas on CPPM

Hi All

 

I have a customer who wants to kick his users off the guest network when they have reached a download cap. I have applied a post auth session enforcement profile that does this fine and disconnects the user. However, this only works when they re-authenticate. So yesterday, whilst on site, I could happily download way more than the 50Mb limit we set, but if I disconnected and reconnected, I would get kicked off.

 

How do I make this continually monitor a session and kick them off when they hit 50Mb? I have RADIUS accounting set up properly and the data is being recorded in the Accounting page.

 

If I was doing this with RADIUS, then I could reauth regularly and check the bandwidth downloaded that way, without the user seeing a drop but with captive portal, this would mean they would need to re-auth through the portal every time we check the bandwidth figure.

 

Any ideas how to get round this?

 

Cheers

 

 

Aruba
Posts: 1,368
Registered: ‎12-12-2011

Re: Bandwidth Quotas on CPPM

Are you also doing mac-caching?  Perhaps tie into that as well?  Is radius interim accounting also enabled?

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Contributor II
Posts: 43
Registered: ‎12-14-2011

Re: Bandwidth Quotas on CPPM

I have Radius interim accounting set up. We aren't doing mac caching at the moment.

Aruba
Posts: 1,526
Registered: ‎06-12-2012

Re: Bandwidth Quotas on CPPM

 Make sure your COA is working. You can check in the logs on the guest side and CPPM to see if is being triggered but there might be some errors.

 

 

 

 

Screen Shot 2014-08-21 at 1.28.15 PM.png

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Aruba
Posts: 1,526
Registered: ‎06-12-2012

Re: Bandwidth Quotas on CPPM

Also make sure in your service that you have the bandwidth limit is in the enforcement.

 

Screen Shot 2014-08-21 at 1.36.55 PM.png

 

Screen Shot 2014-08-21 at 1.34.34 PM.png

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Occasional Contributor II
Posts: 37
Registered: ‎03-15-2011

Re: Bandwidth Quotas on CPPM

Last time I tried this with 6.3 (didnt work very well...) I had to use a black list repository and it was based on the username (no good for anonymous service).

I'll try dig out the case nots to see if I an put togther a walk though.

Contributor II
Posts: 43
Registered: ‎12-14-2011

Re: Bandwidth Quotas on CPPM

I have the badnwidth policy in the enforcement porofile and CoA is working. Maybe I'm missing something but I can't see at what point and how the service would check the bandwidth used except at authentication?

Aruba
Posts: 1,526
Registered: ‎06-12-2012

Re: Bandwidth Quotas on CPPM

you must have interm account turned on also on the NAS device. By default most vendors it is at 10 min intervals. 

 

Screen Shot 2014-08-22 at 10.36.04 PM.png

 

 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Contributor II
Posts: 43
Registered: ‎12-14-2011

Re: Bandwidth Quotas on CPPM

[ Edited ]

Interim accounting is enabled too!

Search Airheads
Showing results for 
Search instead for 
Did you mean: