Wireless Access

last person joined: 10 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Idle Timeout and Logon Lifetime can't be longer than DHCP lease?

This thread has been viewed 0 times

  • 1.  Idle Timeout and Logon Lifetime can't be longer than DHCP lease?

    Posted Feb 05, 2013 09:24 PM

    Trying to pick some Airhead brains...

     

    I've recently changed some authentication timers because of complaints from users being prompted to re-login too often on open Captive Portal SSID. User Idle Timeout & Logon User Lifetime were changed from 30min to 90 min. DHCP lease times have always been short 35-45min. I did not change those when I changed the auth timeout which I'm now thinking I probably should with the additions of some VLAN's to the VLAN pool.

     

    Analysing, would it make sense that the controller still has a user in a table because of increased timeouts when a new user is trying to use the Wi-Fi with the same IP as the previous IP owner, and as a result, the new user is denied access?

     

    Users are experiencing the inability to bring up captive portal on open SSID and can't do anything when connected to 802.1x either besides getting IP, stuck in logon role.

     

    OS 6.1.3.6. Using MS DHCP.

     

    Thank you in advance.

     



  • 2.  RE: Idle Timeout and Logon Lifetime can't be longer than DHCP lease?

    Posted Feb 05, 2013 10:36 PM

    I should also mention that I had to disable IP spoofing because of a bug in 6.1.3.6 where users would get blacklisted, until, supposedly, this is fixed in 6.1.3.7 by the end of this month.



  • 3.  RE: Idle Timeout and Logon Lifetime can't be longer than DHCP lease?

    Posted Feb 05, 2013 11:53 PM

    Aruba TAC was able to replicate the issue/scenario, trying to determine whether this is a bug or normal behavior.