Security

Reply
Contributor II
Posts: 50
Registered: ‎10-11-2013

Limit concurrent sessions in ClearPass

Hi All,

 

Looking for assistance with a configuration which would allow users to register a large number of devices (unique device count) but restrict concurrent connections (session count) to a small number

 

It seems like this can be done with an enforcement policy, but I don't see an operator for session count when building rules.

 

Does the 'session limit' setting on the controller have any effect in this scenario?

 

 

 

 

Guru Elite
Posts: 8,759
Registered: ‎09-08-2010

Re: Limit concurrent sessions in ClearPass

Sessions would be limited in the user role on the controller. 

Sent from Nine

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 21,492
Registered: ‎03-29-2007

Re: Limit concurrent sessions in ClearPass


RHertzing wrote:

Hi All,

 

Looking for assistance with a configuration which would allow users to register a large number of devices (unique device count) but restrict concurrent connections (session count) to a small number

 

It seems like this can be done with an enforcement policy, but I don't see an operator for session count when building rules.

 

Does the 'session limit' setting on the controller have any effect in this scenario?

 

 

 

 


The article here:  http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-limit-simultaneous-active-sessions-from-a-given-user/ta-p/186556 is old, but it might help.

 

On the controller there are two "sessions" parameters.  The one in the role limits firewall connections per user:  you don't want that one.  The one in the Captive Portal authentication profile (Allow only one active user session)  limits the number of users that can be logged into the captive portal with the same username to 1.  If you are not using the captive portal OR you don't want to limit connections to 1, that parameter is not for you.  Try the article above.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 50
Registered: ‎10-11-2013

Re: Limit concurrent sessions in ClearPass

I was able to implement the configuration shown but I still run into a limit of 5 devices per username.

 

Any chance there is an updated walkthrough for 6.5? The config has changed a bit since the guide was written. I am wondering if I missed/misconfigured something.

 

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: