Security

last person joined: 21 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass Guest Session-Timeout Configuration

This thread has been viewed 22 times

  • 1.  ClearPass Guest Session-Timeout Configuration

    Posted Oct 08, 2018 12:46 PM

    I would like to set the time limit of how often a guest user needs to reauthenticate via captive portal.  For instance, a device should not have to reauthenticate via captive portal more than once in a 24 hour period.  I see many different possible settings and I'm confused on what each one controls.

     

    In ClearPass Enforcement Policies:

    1.  RADIUS - Session-Timeout

    2.  Session-Check - Allowed-Duration

    3.  Endpoint - MAC_Auth_Expiry (Now Plus X hrs)

     

    On Wireless Controller:

    1.  aaa policy - user-idle-timeout

     

    What is the difference between all of these settings and which ones are actually required to accomplish what I want?

     

    I heard that there is a 12 hour max for this setting for captive portals, is this true?



  • 2.  RE: ClearPass Guest Session-Timeout Configuration

    EMPLOYEE
    Posted Oct 08, 2018 12:49 PM
    This is handled by MAC caching and is pre-configured when you use service template.