Hi
I’m new to clearpass so may have missed something obvious or it’s not possible etc. Basically we have a requirement to provide a guest captive portal with self-sponsor where initial registration grants 15min access (so you can get to your emails) and clicking the self-sponsor link updates this to 3 months.
I have the basics working, the guest gets 15mins access, clicks the link and clearpass updates their account with +720 day’s expiration. What I can’t seem to get is CoA / RFC 3567 to update the active session so the user does not have to re-login again.
At the moment the user gets redirected back to the portal after 15mins and when they log back in they get 3 months session timeout in seconds (it’s a large number, may just be the largest WLC will accept).
CoA is working as I can disconnect users etc from clearpass, Radius accounting is also working correctly as far as I can tell. I have created a policy which will successfully update via CoA the session timeout, I have tested it by enforcing it under the guest authentications service.
I can’t see anyway of enforcing this profile based on radius accounting or the user clicking the link in the self-sponsor email.
Any ideas?
Clearpass version 6.3.4.64924
Cisco WLC version 7.6.120.0
Thanks in advance
Andy