Security

Reply
Frequent Contributor I
Posts: 87
Registered: ‎08-05-2013

Guest Access - Timeout/Reauth

Our guest wifi is configured in conjunction with ClearPass so that a guest needs to be sponsored by an employee before being let on.  We’ve been receiving complaints that after the guest has been sponsored and they lock their laptop or go to lunch, their session goes idle and when they attempt to log back in, the credentials that were provided no longer work.  They have to go through the sponsorship process again.  Is there a way to change the timer (either on the controller or in ClearPass) so that sessions do not timeout so quickly and stay active for the length of time they were sponsored for (1 hour, 1 day, 1 month or 1 year)?

Guru Elite
Posts: 20,019
Registered: ‎03-29-2007

Re: Guest Access - Timeout/Reauth

You should use mac caching for guests in ClearPass so that you do not have to enable timers, which can introduce it's own considerations.


#AirheadsMobile
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Guru Elite
Posts: 20,019
Registered: ‎03-29-2007

Re: Guest Access - Timeout/Reauth

You should use mac caching for guests in ClearPass so that you do not have to enable timers, which can introduce it's own considerations.


#AirheadsMobile
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Aruba
Posts: 233
Registered: ‎11-19-2009

Re: Guest Access - Timeout/Reauth

There are 2 options to do:

 

1. Use the form field to edit and configure the expire time to set the timer validation of whatever the value we need for expiraton for the self registration user requiring sponsor approval. 

2. Use the guest mac caching to set or cache the timer from when the user authenticated maintain the authenticated role for "X" number of time.

 

I see the option 1 is easy compared to option 2.

 

Thank you

Sriram

Search Airheads
Showing results for 
Search instead for 
Did you mean: