Security

Hi Guys,

I have configured some guest portal with mac caching but..once in a while i can see devices getting inactive..

How can i disable the inactive?

why it's happning?

Do you also have mac authentication setup for that client?  Do you see the mac authentication happening?

mmm... i thought that the CPPM is saving all the guests MAC id's in order for them not need to re-login.

But if also MAC auth on the AAA profile on the controller needed for that - i will configure it. Thanks on the info.

For Captive Portal and Mac Caching with CPPM, this is how it works:

Guest Authenticates successfully via the captive portal

CPPM creates a device entry with the corresponding mac address that expires at the same times as the guest account.

Guest device goes to sleep or becomes idle and is removed from the user table

Guest device wakes up and on that same Virtual AP, we have mac authentication configured to send the mac address of the guest to cppm over radius

If mac authentication fails, guest ends up at the Captive Portal Screen

If mac authentication passes, we give the guest the guest role silently and it is all good until that device entry expires

If you have CPPm 6.1, use the service template to create your guest WLAN so that most of the configuration is done for you.

On the controller side, you need to configure mac authentication in the AAA profile of that Virtual AP so that guests always send their mac address to CPPM over radius.

Thanks on the info

I will test it - and let u know.

I'am using ClearPass Policy Manager 6.0.2.46902 on CP-SW-VA platform