Occasional Contributor I

OnGuard Session Timeout


We have recently integrated Aruba Clearpass with Cisco WLC 5508 and I've noticed after the users gets scanned and authenticated into the network, the session is timing out very quickly or even if the laptop LED closed out and moved from one floor to another floor withing less than 2 minutes, the session times out and it requires to go through the OnGuard process again, which is pain in the nick..


Globa Session Timeout in Cisco WLC is disabled for both SSIDs, but still is timing out.. On the same Service Profile, we are having Mobile as well they are staying connected fine without having to re-authenticate again.


Is there any setting is need to look at in the Clearpass Configuration?




Trusted Contributor I

Re: OnGuard Session Timeout

you might have solved it already, but still ... i can't imagine clearpass playing a role in this. it is the cisco that decides if it is going to authenticate you again. although you might a send a short reauth value in your enforcement policy. have you checked that?




Re: OnGuard Session Timeout

Please check whether the TCP port 6658 is allowed between the client(OnGuard Agent) and ClearPass server. 

The agent uses the port 6658 to establish the controll channel with ClearPass server to report the online status, if the port is blocked then the client will repost the health check every 3 mins.

Thank you,
Saravanan Rajagopal

**Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the post.
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: