02-05-2014 08:27 AM
The last days I've configured an public guest access captive portal with this how-to: How-To
However I've still a few problems.
The users who've connected through the Public network have to reauthenticate every time they turn their wifi on and of.
The setting reauthentication is set on 24 hours but it seems not to be working...
My second problem is when at the clients at the dashboard page they only thing I see is 1 user who is connected to the public network. However I am pretty sure there are like 30 people connected through the public wifi.
02-05-2014 08:30 AM
For your first question, the reauthentication interval is for active clients. So if I had my laptop connected and in use, force me to reauthenticate every 24 hours. In order to do "transparent" login with guest accounts, you need an external RADIUS server, such as ClearPass, to do MAC caching which is a L2 mac auth for the device.
02-05-2014 02:28 PM
I use you are using ArubaOS (controller)?
You can try to extend the User Idle Timeout. This idle timeout will control the timeout of entries in the user-table. You can configure the User Idle Timeout with a maximum value of 4 hours. This means the client can remain disconnected for up to 4 hours before it needs to re-authenticate.
You can configure this globally: Configuration > SECURITY > Authentication > Advanced > User Idle Timeout.
Or you could also configure this on the AAA profile (added in ArubaOS 6.3).
Please beware: the User Idle Timeout can *never* be lower than the DHCP lease time or else this might cause issues with the "prohibit IP spoofing"-feature, which is enabled by default.
As mentioned by cappalli an alternative for this is MAC-caching by using a RADIUS server (like ClearPass).
ACMX#255 | ACMP | ACCP | AWMP