Security

 View Only
  • 1.  Limit concurrent sessions in ClearPass

    Posted Jan 22, 2016 05:02 PM

    Hi All,

     

    Looking for assistance with a configuration which would allow users to register a large number of devices (unique device count) but restrict concurrent connections (session count) to a small number

     

    It seems like this can be done with an enforcement policy, but I don't see an operator for session count when building rules.

     

    Does the 'session limit' setting on the controller have any effect in this scenario?

     

     

     

     



  • 2.  RE: Limit concurrent sessions in ClearPass

    Posted Jan 22, 2016 05:15 PM
    Sessions would be limited in the user role on the controller. 

    Sent from Nine


  • 3.  RE: Limit concurrent sessions in ClearPass

    Posted Jan 23, 2016 08:42 AM

    @RHertzing wrote:

    Hi All,

     

    Looking for assistance with a configuration which would allow users to register a large number of devices (unique device count) but restrict concurrent connections (session count) to a small number

     

    It seems like this can be done with an enforcement policy, but I don't see an operator for session count when building rules.

     

    Does the 'session limit' setting on the controller have any effect in this scenario?

     

     

     

     


    The article here:  http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-limit-simultaneous-active-sessions-from-a-given-user/ta-p/186556 is old, but it might help.

     

    On the controller there are two "sessions" parameters.  The one in the role limits firewall connections per user:  you don't want that one.  The one in the Captive Portal authentication profile (Allow only one active user session)  limits the number of users that can be logged into the captive portal with the same username to 1.  If you are not using the captive portal OR you don't want to limit connections to 1, that parameter is not for you.  Try the article above.



  • 4.  RE: Limit concurrent sessions in ClearPass

    Posted Jan 26, 2016 04:38 PM

    I was able to implement the configuration shown but I still run into a limit of 5 devices per username.

     

    Any chance there is an updated walkthrough for 6.5? The config has changed a bit since the guide was written. I am wondering if I missed/misconfigured something.