Our guest network is currently configured as an open SSID with a captive portal. If a user is within range, they device tries to connect to the SSID. So in Clearpass Access Tracker, it shows several guest devices showing repeat rejections every few seconds and they continue until they open the captive portal and authenticate. The reason this setup was created initially was for ease of management. We have two different guest SSIDs hitting a single service in Clearpass. If you're an employee, you can login with your AD creds. If you're a guest, we have a temp guest login that expires after 24 hours and we change the password for monthly within Clearpass.
I am wondering if there's a better way to lock down the guest account to keep the several transactions from generating within Access Tracker and creating an unneccessary load on the server without adding the extra management.