Wireless Access

We've rolled out a WPA2-PSK network for devices incapable of connecting to a WPA2-Enterprise netwrk. At present this is only for Game Consoles and we use clearpass dhcp fingerprinting to restrict the type of device that can use the network. Users have to register their mac address in clearpass guest and then we check their dhcp fingerprint to make sure the device is allowed. If not we redirect them to a portal page.

Clearpass passes back a session timeout of 3600 secondss in just the same manner as our dot1x auths... which do reauth every hour

On our controllers the mac authentication profile we use has the reauthentication checkbox enabled and also the "User server provided reauthentication interval" checkbox enabled. 

Problem is I can't see any reauths happening. I've a chromebook ultra connected to our PSK net on the desk behind me and its been running for more than an hour and I can't see any reauths.

Is there something else I need to configure on the mobility controller 

Make sure the "Reauthentication" parameter is also enabled in the mac authentication profile.

Yup it is..

and on our dev controller running latest 6.5 seems to work. Our production controller is a little bit behind version wise, so just checlking that out

You should turn on user debugging and see if the the client is receiving the reauthentication interval.  Also, typing "show user ip <ip address>" will show the reauthentication interval of the client.

Thanks for the info ... everything working just fine now

A