06-26-2013 12:08 PM
I am using an Aruba 620 controller and AP105's running Aruba OS 220.127.116.11 and I am trying to configure a session time out and idle timeout without success. I would like for users to re-authenticate after a specified time and for idle devices to disconnect and have to re-authenticate after a specified time.
I've tried configuring the controller timers,
configuring timeouts in connection request policies on the NPS,
and configuring timeouts in network policies on the NPS.
So far, none of these settings seems to have any effect. Tested with iPad and iPhone and laptop running Win7 which none were ever disconnected nor prompted to re-enter credentials. Where can I make these settings work? What am I missing?
Thanks for any help,
06-26-2013 01:44 PM
None of those knobs have any effect that you want them to in 802.1x because it is the built-in IOS Supplicant that re-submits those credentials automatically. At most, those devices receive an EAP request and resubmit the same credentials upon reauthentication. The only way those devices will prompt a user, is if there is a rejection from the radius server. The only way to do it the way you want is using the Captive Portal.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base