Wireless Access

Reply
New Contributor
Posts: 2
Registered: ‎02-05-2014

Public Guest Access

Hi there,

 

The last days I've configured an public guest access captive portal with this how-to: How-To

However I've still a few problems.

 

The users who've connected through the Public network have to reauthenticate every time they turn their wifi on and of.

The setting reauthentication is set on 24 hours but it seems not to be working...

 

My second problem is when at the clients at the dashboard page they only thing I see is 1 user who is connected to the public network. However I am pretty sure there are like 30 people connected through the public wifi.

 

Thanks!

 

Kind Regards,

Job

Guru Elite
Posts: 8,774
Registered: ‎09-08-2010

Re: Public Guest Access

For your first question, the reauthentication interval is for active clients. So if I had my laptop connected and in use, force me to reauthenticate every 24 hours. In order to do "transparent" login with guest accounts, you need an external RADIUS server, such as ClearPass, to do MAC caching which is a L2 mac auth for the device.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 130
Registered: ‎06-11-2013

Re: Public Guest Access

I use you are using ArubaOS (controller)?

 

You can try to extend the User Idle Timeout. This idle timeout will control the timeout of entries in the user-table. You can configure the User Idle Timeout with a maximum value of 4 hours. This means the client can remain disconnected for up to 4 hours before it needs to re-authenticate.

 

You can configure this globally: Configuration > SECURITY > Authentication > Advanced > User Idle Timeout.

Or you could also configure this on the AAA profile (added in ArubaOS 6.3).

 

Please beware: the User Idle Timeout can *never* be lower than the DHCP lease time or else this might cause issues with the "prohibit IP spoofing"-feature, which is enabled by default.

 

As mentioned by cappalli an alternative for this is MAC-caching by using a RADIUS server (like ClearPass).


ACMX#255 | ACMP | ACCP | AWMP
www.securelink.nl
New Contributor
Posts: 2
Registered: ‎02-05-2014

Re: Public Guest Access

Hi,

 

Thanks, I will try this now, i will let you know!

 

Regards,

Job

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: