Controllerless Networks

Hi,

I have Guest SSID that authenticate users with Captive portal.

however, when user can't authenticate, it seems to get IP address and show up connected to CPPM-Prof

how can I reduce the time of the users that cannot authneticate?

This is what is expected to be normal. If users don't authenticate to the captive portal, they will stick in the captive portal redirect role, because you won't know if they don't authenticate or don't have credentials to authenticate. You may do something with MAC authentication and 'reject' those clients after a certain amount of time, but then they can't authenticate once they get the credentials if they are disconnected. In general, WiFi clients will just reconnect if they get disconnected.

What would be the reason that users can't authenticate?
What would be the reason that you want to 'reduce the time'?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Sep 14, 2022 05:26 AM
From: Samir Rafid
Subject: How to drop un-authenticated user or reduce their connection time?

Hi,

I have Guest SSID that authenticate users with Captive portal.

however, when user can't authenticate, it seems to get IP address and show up connected to CPPM-Prof

how can I reduce the time of the users that cannot authneticate?

the reason that I dont want them to stay connected because they are getting ip address from the pool. this is why I prefer their session to be dropped if not authenticated.
Original Message:
Sent: Sep 14, 2022 05:46 AM
From: Herman Robers
Subject: How to drop un-authenticated user or reduce their connection time?

This is what is expected to be normal. If users don't authenticate to the captive portal, they will stick in the captive portal redirect role, because you won't know if they don't authenticate or don't have credentials to authenticate. You may do something with MAC authentication and 'reject' those clients after a certain amount of time, but then they can't authenticate once they get the credentials if they are disconnected. In general, WiFi clients will just reconnect if they get disconnected.

What would be the reason that users can't authenticate?
What would be the reason that you want to 'reduce the time'?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Sep 14, 2022 05:26 AM
From: Samir Rafid
Subject: How to drop un-authenticated user or reduce their connection time?

Hi,

I have Guest SSID that authenticate users with Captive portal.

however, when user can't authenticate, it seems to get IP address and show up connected to CPPM-Prof

how can I reduce the time of the users that cannot authneticate?

If that is the case, set the SSID to be a PSK SSID.  Otherwise, there is no way to accomplish this on an open SSID.

------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
------------------------------

Original Message:
Sent: Sep 14, 2022 05:57 AM
From: Samir Rafid
Subject: How to drop un-authenticated user or reduce their connection time?

the reason that I dont want them to stay connected because they are getting ip address from the pool. this is why I prefer their session to be dropped if not authenticated.
Original Message:
Sent: Sep 14, 2022 05:46 AM
From: Herman Robers
Subject: How to drop un-authenticated user or reduce their connection time?

This is what is expected to be normal. If users don't authenticate to the captive portal, they will stick in the captive portal redirect role, because you won't know if they don't authenticate or don't have credentials to authenticate. You may do something with MAC authentication and 'reject' those clients after a certain amount of time, but then they can't authenticate once they get the credentials if they are disconnected. In general, WiFi clients will just reconnect if they get disconnected.

What would be the reason that users can't authenticate?
What would be the reason that you want to 'reduce the time'?

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

Original Message:
Sent: Sep 14, 2022 05:26 AM
From: Samir Rafid
Subject: How to drop un-authenticated user or reduce their connection time?

Hi,

I have Guest SSID that authenticate users with Captive portal.

however, when user can't authenticate, it seems to get IP address and show up connected to CPPM-Prof

how can I reduce the time of the users that cannot authneticate?