@mldickson wrote:
This report was run from "24 hours ago" until "now.
If I understand correctly that means at least 7870 devices (32.08%) sat in the CP pre-auth role for the last 24 hours and never went on to the authneticated role..never logged in.
One might conclude users of these devices have no intention of logging in via captive portal. According to the report the majority of these devices are iPhones and Androids. One might further conclude that these devices are using cellular data or pwerhaps our 802.1x ssid (is there a fast way in Airwave to check whether these devices that are "sitting-in-pre-auth" are actually using our 802.1x ssid?).
A question comes to mind. Leaping ahead to where this info is leading us, has anyone taken the step of blocking smartphone access on the open ssid and explaining to users that they can either configure for 802.1x or use cellular data when on campus?
This is all in the context of trying to better utilize limited IPv4 space on our wireless network.
Mike
@mldickson
>>If I understand correctly that means at least 7870 devices (32.08%) sat in the CP pre-auth role for the last 24 hours and never went on to the authneticated role..never logged in.
Actually this means that within the 24-hour period for this reporting time, 7870 users were found to be in the CP pre-auth role never actually going into the post-auth role.
>One might conclude users of these devices have no intention of logging in via captive portal. According to the report the majority of these devices are iPhones and Androids. One might further conclude that these devices are using cellular data or pwerhaps our 802.1x ssid (is there a fast way in Airwave to check whether these devices that are "sitting-in-pre-auth" are actually using our 802.1x ssid?).
Does the 802.1x SSID provide captive portal? If so, yes a pre-auth role is definitely assigned to the user.
You can run a client session report against that SSID only and filter on the pre-auth role to see how many users you have.
>>A question comes to mind. Leaping ahead to where this info is leading us, has anyone taken the step of blocking smartphone access on the open ssid and explaining to users that they can either configure for 802.1x or use cellular data when on campus?
See this thread for some more information on how to do this as it is possible.
http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/How-can-I-filter-smart-phones-from-connecting-to-my-WLAN/m-p/111101/highlight/true#M23821