cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
235
Views
0
Helpful
3
Replies

Guest WIFI - Reauth Time

Adam Hinchliff
Level 1
Level 1

Hi,

We are using Meraki MR wireless with a concentrator for our guest wifi which is using ISE for auth. 

We seem to have a three day limit where user auth onto the WIFI and three days later they are connected to the Guest wifi however have to "forget" network and reauth to get internet back.

 

Is this possible related to random mac address or is there a setting where we can increase the session time per device?

Ise 3.1 

Meraki MR

Central concentrator

3 Replies 3

From what I get 

1- you use guest 

2- you use MAC remember me 

Then the mac can remove from internal identity due to purge policy 

https://www.google.com/amp/s/www.moderncyber.com/blog/cisco-ise-loves-the-purge%3fhs_amp=true

MHM

balaji.bandi
Hall of Fame
Hall of Fame

how is authentication method, just splash page and accept policy and login, or user will input username and password sponsors portal ?

We seem to have a three day limit 

so the user has 3 days limit after that it expires right. again the question for back to first one i asked.

First you need to make a decision how long the guest user can connect along with idle timeout. 

what is the requirement ? is the user need to connect automatically ?

check some couple of example what can be done :

https://documentation.meraki.com/MR/Encryption_and_Authentication/CWA_-_Central_Web_Authentication_with_Cisco_ISE

https://community.cisco.com/t5/security-knowledge-base/how-to-integrate-meraki-networks-with-ise/ta-p/3618650#toc-hId-1698062875

Regarding the random MAC there is some Limitation. 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Meraki_and_MAC_Address_Randomization

check ISE document for session for guest to to tweak : (Guest and Sponsor Accounts)

https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_guest.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

To clarify the behavior we are seeing, 

After approximately 3 days, a wireless guest client is joined to the network still but its showing "not internet" which i thought may indicate its waiting to re authenticate before being forwarded to internet access granted. 

To resolve this they forget the network and reauth back onto the network.