Wireless Access

Hi,

I have a question regarding guest accounts created on the controller. Is it possible to configure that e.g. one guest account is valid for 8h after first successful authentication?

What about Clearpass Guest solution?

Regards,

Mathew

HI

Always we can specify the expiry time for a guest account in a controller. with CPPM guest access it is more flexible. which solution do you need here ? Controller or CPPM ?

Please clarify I can help you on this.

I would like to deploy controller and as I wrote early I would like that controller will start counting expiration time after successful authentication.

Hi,

Policy enforcement is not that much with a Controller, probably you can specify a login validity time range through an ACL and map it to the authenticated role so that user can connect to the network during a specific time.

I'm not sure whether it is possible through CPPM or not. let me check and come back on this.

Hi,

Your requirement can be fulfilled through CPPM, you need to enable interim accounting and monitoring the user session time and take an action when it reaches a threshold. the action can be either blocklisting or disconnecting.

Please feel free if you need more help on this.

You would need CPPM to do this (the controller alone cannot).   To do so, you'd use the expire_postlogin field in your guest creation form.