Security

Reply
jj7
New Member
Posts: 4
Registered: ‎05-26-2012

User Inactivity timouts

Is there a way in ClearPass to be able to do actions on WiFi login inactivity after a certain amount of days? Basically once a WiFi user has authenticated initially via captive portal, all future authentication requests are processed via mac auth. If they haven’t connected again for example say a minimum of 20 days via mac auth they should fall back to captive portal authentication, since the account has been inactive during that time period. If they are regularly connecting in via mac auth (within the 20day period) then they will never get the captive portal page and always authenticate via mac auth. Any advice on how to set this up on ClearPass would be appreciated.

Guru Elite
Posts: 8,456
Registered: ‎09-08-2010

Re: User Inactivity timouts

I can't confirm that this works but you could try and add a condition to the top of your Guest MAC Cache enforcement policy with:

 

Type: Authorization:[Insight Repository]

Name: Days-Since-Auth

Operator: GREATER_THAN_OR_EQUALS

Value: 20

 

and then assign the appropriate enforcement profile for that condition to have them re-register.

 

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: