04-16-2012 05:19 AM - edited 04-16-2012 05:23 AM
Hello, I was wondering how I can force a user / device to reauthenticate when they connect to a different SSID. Some of our users have found that if they switch from our Corporate WPA2-PSK SSID over to our open Guest SSID that they can get out to the Internet without being asked for credentials from the Guest Captive Portal. I think this is happening because their original authenticated role is being remembered on the Controller. I would like to force authentication to happen as soon as anyone connects to the Guest SSID regardless of any previous connections.
Thanks in advance,
OAW-6000 mobility switch running AOS-W Version 220.127.116.11
04-16-2012 01:28 PM
I would open a case with Alcatel TAC and show them this issue. When ever I have seen a client change SSIDs, they state on the controller is cleared temporarily so that the user is placed into the logon role of the open SSID. That would cause them to go through the captive portal before they could send packets to destinations (other that what is allowed by your logon role). If this is truly happening, it sounds like a code issue.
04-24-2012 01:42 AM
Thanks for the advice. It could well be code related as I don't remember users being able to do this in the past when we were running version 3 software.