Cloud Managed Networks

Hello i would like if someone coud explain me how does this work on aruba central

I got an option on aruba central

The manual says that but i dont understand completely and i would like if someone can enlight me a bit on this

Enter the maximum time in Day(s): Hour(s): Minute(s) format for which a client session remains active. The default value is 0:8:00. When the session expires, the users must re-authenticate. 
If MAC caching is enabled, the users are allowed or denied access based on the MAC address of the connective device.

Let say i got user visitor 1

I would like to know what would be the difference between using mac caching or not using it

Because as i look in the manual it says that if i configure the session time out for 8 hours, the user wont need to reauthenticate until the 8 hours.   So now if the session time out is working like this why do i need mac caching?

SEcond question

if the visitor 1, his ticket is for 4 days and i active the mac caching he will not need to authenticate at all in those 4 days? 

How long does this mac caching work? i can control that time in clearpass but i dont know how does this work here

Anyone?

Cheers

Carlos

Hello,

Anyone able to answer these questions? I am also curious about how this works, especially scenario 1. 

Hi Carlos,

Did you get the answer for this? I have the same question.

Regards,

Julián

By default the IAP has a WiFi inactivity timeout of 1000 sec (configurable under "Wireless Management"->"Wireless Networks" -> "Miscellaneous"). It means if user is inactive on WiFi for more than 1000 sec, than IAP will remove user entry from user-table. After this if user comes back on the network, than user will need to go through captive portal authentication again.

• If Mac Caching is enabled, than once user authenticates for very first time, guest user's mac-address will be stored in the cloud server.
• Now if user disconnects from WiFi and comes back after an hour, than rather than showing captive portal page again, IAP will first attempt for MAC authentication. If user's mac-address already exists in Aruba Central's database, than user will pass authentication without going through the splash page.

Hope this helps. 

Hi Jerald,

Thanks for the explanation. Then let's say a user connects to the network and goes through the captive portal authentication, then its MAC address is stored in the Aruba Central database. Then the user disconnects of the WiFi for more than 1000 sec. I understand its MAC address is still stored in the Aruba Central database. Then, when the user connects again, will it go through captive portal authentication?

Regards,

Julián

No, as long as the session timeout configured on the guest splash page hasn't elapsed they wouldn't be redirected to the splash page. Once the session timeout has elapsed then they would be redirected. The MAC Caching feature is primarily there to keep users from being redirected to the web portal everytime they go inactive for 1000 seconds. 

Hi Jerald,

Ok, now I understand. But then I don't know why some users in a customer's networks need to go through the captive portal authentication when the session timeout has not elapsed, and MAC Caching is enabled:

https://community.arubanetworks.com/t5/Wireless-Access/Aruba-Central-and-MAC-Caching-problem/td-p/333448

Regards,

Julián