We have a guest WLAN that is using captive portal to authenticate guest users via a Clear Pass server. The captive portal lives on the controller but the guest accounts are created and maintained on the CP server. Authentication seems to be working properly, but Apple devices are having to reauthenticate every 30 minutes. So far it is only Apple deivces that have this issue. Windows and Android work fine.
I am not sure if there are any special settings for Apple devices or not with this scenario. The Clear Pass is on the latest 6.2.6.x release.
Yes, they are hitting the service.
It's returning the guest role. I don't have Insight enabled as an auth source, just endpoints and timesource. We are using date stamps in the rules so the MAC will be cached until the next day. Their requirement was for the MAC's to be cahced until midnight then cleared out and forced to re-authenticate. Using date stamps was the only way we could figure out how to do this.
Just wanted to give an update. We are narrowing down the symptoms. It appears that when the Apple devices such as iPads and iPhones go into power save and disable their radios the controller is aging them out of the user table which I am pretty sure is what is causing them to have to reauthenticate. They are still a known endpoint in ClearPass though and I verified that they are hitting the MAC caching service.
Technically, I guess the controller is behaving normally in a sense. One idea is to extend the global user idle timeout or set an idle timeout on the captive portal profile. An argument has been made that if they are idle that long then do they really need to be connected? As you can guess the political side of that one is thin ice....
The solution to this was enabling the Insight functionality in Clear Pass which is slightly infuriating since Aruba TAC originally told me to disable that.... It was causing the MAC caching to fail. I thought Insight was just for reporting and stats????
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.