Wired Intelligent Edge (Campus Switching and Routing)

Reply
Occasional Contributor II

Reauthentication using clearpass captive portal after User idle TImeout

Setup: Windows Desktops directly connected to Aruba 29xx series switchs. Login using clearpass captive portal authentication. No mac authentication.

 

Requirement : After succesfull login, when users reach windows User idle time out, switch should do "session expiry" for that user and should re-initiate captive portal login.

 

Challenge: We have disabled mac authentication and enable idle timeout in switch but Desktop PCs will always be connected to switch and there will be packet exchange so idle timeout is not helping when one user completes his shift and leaves his desk during  time in which PC will be idle.

 

Detailed explination: Customer needs captive portal self registration and login for their Desktop users connecting to Aruba Switch.Since multiple users work on shift basis in a single PC  where one guy leaves his desk he should have option to log off his Internet access in web and next user comes he should be presented with captive portal login where he has to provide his credentials  for accessing Internet again.This should happen on daily basis as Customer requires accounting data of the employees accessing internet daily.

Occasional Contributor II

Re: Reauthentication using clearpass captive portal after User idle TImeout

any update on above query?

Aruba Employee

Re: Reauthentication using clearpass captive portal after User idle TImeout

Hi, 

 

Can you share your config?  Are you setting the idle timeout at the switch port?  Are you using user roles?

 

There is a logoff-period option as well that you can set on the port that will kick off after no activity.

 

Switch(config)# aaa port-access authenticator <ports> logoff-period
<1-999999999> Enter a number.

 

Regards, 

 

Justin

Occasional Contributor II

Re: Reauthentication using clearpass captive portal after User idle TImeout

Thanks justin for reply!

 

For using "Log-off period" option, there is a rule that 'traffic should not hit the switch port for specified time'. But PC always tries to push some traffic to Switch Port.

 

Is there any possiblity that we can use 'traffic threshold concept' in switch?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: