last person joined: yesterday 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Guest Session-Timeout Configuration

  • 1.  ClearPass Guest Session-Timeout Configuration

    Posted Oct 08, 2018 12:46 PM

    I would like to set the time limit of how often a guest user needs to reauthenticate via captive portal.  For instance, a device should not have to reauthenticate via captive portal more than once in a 24 hour period.  I see many different possible settings and I'm confused on what each one controls.


    In ClearPass Enforcement Policies:

    1.  RADIUS - Session-Timeout

    2.  Session-Check - Allowed-Duration

    3.  Endpoint - MAC_Auth_Expiry (Now Plus X hrs)


    On Wireless Controller:

    1.  aaa policy - user-idle-timeout


    What is the difference between all of these settings and which ones are actually required to accomplish what I want?


    I heard that there is a 12 hour max for this setting for captive portals, is this true?

  • 2.  RE: ClearPass Guest Session-Timeout Configuration

    Posted Oct 08, 2018 12:49 PM
    This is handled by MAC caching and is pre-configured when you use service template.