Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

OnGuard Session Timeout

This thread has been viewed 3 times

  • 1.  OnGuard Session Timeout

    Posted Jul 22, 2015 11:23 AM

    Hello,

    We have recently integrated Aruba Clearpass with Cisco WLC 5508 and I've noticed after the users gets scanned and authenticated into the network, the session is timing out very quickly or even if the laptop LED closed out and moved from one floor to another floor withing less than 2 minutes, the session times out and it requires to go through the OnGuard process again, which is pain in the nick..

     

    Globa Session Timeout in Cisco WLC is disabled for both SSIDs, but still is timing out.. On the same Service Profile, we are having Mobile as well they are staying connected fine without having to re-authenticate again.

     

    Is there any setting is need to look at in the Clearpass Configuration?

     

    Regards,

     



  • 2.  RE: OnGuard Session Timeout

    Posted Sep 12, 2015 11:38 AM

    you might have solved it already, but still ... i can't imagine clearpass playing a role in this. it is the cisco that decides if it is going to authenticate you again. although you might a send a short reauth value in your enforcement policy. have you checked that?

     

     



  • 3.  RE: OnGuard Session Timeout

    EMPLOYEE
    Posted Oct 26, 2015 12:10 PM

    Please check whether the TCP port 6658 is allowed between the client(OnGuard Agent) and ClearPass server. 

    The agent uses the port 6658 to establish the controll channel with ClearPass server to report the online status, if the port is blocked then the client will repost the health check every 3 mins.