Hey All,
Need some assistance with an unusual request. Customer is using Controller's captive portal, but they have Clearpass. They cannot use the Guest module of Clearpass due to budget constraints, they could not purchase Guest licensing to accomodate all Guests.
Basically, they want to allow guest users access for 2 hours before forcing them to go through the captive portal again. I am trying to accomplish this in the following way:
- Enabled mac auth profile on controller and set Clearpass as server group
- Configured MAC auth service in Clearpass (Allow all mac auth) that sends back session timeout and other enforcements to the controller. I have Time Source and Insight as Authorization Sources.
I configured the Session Timeout enforcement to use %{Authorization:[Time Source]:now_plus_2hrs}
I assume that if that would work, the session would timeout in 2 hours and the session would be disconnected based on the expirey action.
I cannot get Time Source or Insight to show up as Authorization Sources in the requests though.
Any idea how to get this to work or an easier method?
Thanks.