Security

Reply
Contributor II

Captive Portal Guest User Session Timeout

Is it possible?

 

We are presenting guest SSID users a Captive Portal, with a guest only "authentication", meaning an agreement to AUP.  This is all working nicely.

 

It has been requested to re-present that page at an interval - say 90 or 120 minutes.  I cannot seem to be able to configure this - is it possible? 

 

I know about the User Idle timeout value and the Logon User Lifetime, but I belive the latter only applies to pre-authenticated users.  If I am understanding correctly, a Guest user who has logged on using captive portal (even as a guest) is still "authenticated", so would not apply.  Is this true or do I have it not quite right?

 

Kevin

Kevin Schoenfeld

Aruba Employee

Re: Captive Portal Guest User Session Timeout

I think what you're looking for is an absolute timeout, which doesn't exist that I know of.

Frequent Contributor II

Re: Captive Portal Guest User Session Timeout

I think you are going to get a lot of complaints is doing something like this. As the user will have to accept and whatever they were doing just got killed by having to reauthenicate. 

 

Can you give  a little more details on why you would want to present them with the AUP page every X minutes? 

David Dipert
Contributor II

Re: Captive Portal Guest User Session Timeout

It has been discussed as a re-education tool.  Our prevous guest network was open with no captive portal.  Students (and facstaff) had no reason to connect to anything else.  We are encouraging people to move to our WPA2 profile.  Our guest captive portal would either let them stay on as a guest (with re-auth) or direct actual users through an onboarding (to WPA2 SSID) process.

 

Our thinking was that true guest/temporal access was primarily used for meetings, and forcing a guest "re-auth" during this interval would be acceptable for free usage.

 

 

Kevin Schoenfeld

Frequent Contributor II

Re: Captive Portal Guest User Session Timeout

You’re looking for behavior modification..


We have used BW contacts for guest account for the very same thing. We make the guest connections usable but don't let them have as much BW as they would like. Every school that I have worked with has BW issues with students. This helps ensure guest don't take to much BW and get students to move to your preferred SSID.

 

As far as the AUP popping back up. I still think your going to get in to bad light when someone is downloading a large file, the system

kicks them out to accept the AUP but what they were almost done with a large download now they have to start over.

 





 

David Dipert
Contributor II

Re: Captive Portal Guest User Session Timeout

Agreed, regarding Behavior modification.... we were just kicking this around as an idea.

 

I just found out this is possible per user role, under re-authentication timeout.  Missed it the first time through.

Kevin Schoenfeld

Frequent Contributor II

Re: Captive Portal Guest User Session Timeout

Please update us on what you decide and if you need help please let me know.

 

David Dipert
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: