Security

Reply
Occasional Contributor II
Posts: 34
Registered: ‎04-24-2013

User-idle Timeout

I have set user-idle timeout of 5 minutes.After 5 mintuies user must logged out.If the client does not commnunicates  with AP for 5 mintues then he must logged out.if yes ap determine clients communication based on ICMP i.e ping.Also if there is no network activity and user is idle for 5 mintues then also he must logged out ,that is not happening.Next when user shutdwon his/her PC he still remains in database for 5 mintues and then removed .When next time he loggins he should re-authenticate to gain internet acccess this is also not happening.He get directly connected to the network without authentication.Please suggest any solution to it.

MVP
Posts: 4,175
Registered: ‎07-20-2011

Re: User-idle Timeout

What version of AOS are you using ?
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 34
Registered: ‎04-24-2013

Re: User-idle Timeout

Model: Aruba3200 Version: 6.1.3.4

Aruba
Posts: 1,642
Registered: ‎04-13-2009

Re: User-idle Timeout

The user idle timeout is used to clear clients from the user table.   As you mention in your case; when the controller detects a user is idle for 5 minutes, it will check to see if the client is still there (connected, just not doing anything).  If it is, it resets the timer and leaves it alone.  If the device is not there (disconnected or asleep), then the client is removed from the user table.   When the device comes back online, the reauthentication depends on the authentication type you have set for the network.  If it is 802.1X, the client will typically cache the logon, so no reauthentication is seen, although it takes place.  If it is a pre-shared key network, the client caches the key and will connect without any visible authentication.  If the network is Open, it will just connect.   The only time you'd typically see a reauthentication visually is if the client is set not to cache the username/password on an 802.1X network or if you have Captive Portal setup for an Open network.

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor II
Posts: 34
Registered: ‎04-24-2013

Re: User-idle Timeout

To re-authenticate in that case,what configuration have to be done in aruba 802.1x Profile.Is any configuration have to be done at Client's end.

Aruba
Posts: 1,642
Registered: ‎04-13-2009

Re: User-idle Timeout

It is on the client end.   Typically the cache their logons and don't prompt again.   

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Occasional Contributor II
Posts: 34
Registered: ‎04-24-2013

Re: User-idle Timeout

Thanks for the support....

Search Airheads
Showing results for 
Search instead for 
Did you mean: