Clearpass and VPN users
06-15-2020 09:55 AM
Hello im doing some labs and was wondering if its possible to disconnect a vpn users from an active session when his time expire?
Right now i got it configured with a fortinet firewall. Everything works fine. But the only thing it does not do is that when the times ends, it wont disconnect the user automatically. He will have to disconnect so the rule that he cant get in again because the account is expired works, otherwise if he has his session active and connected he can be on the corporate network.
I would like to do this
If their account ends at 2 pm of today then disconnect it at 2 pm of today even if he is connected.
Guess i ll have to use CoA.
Any examples of how to create the policies for this?