Hi.
I want to use encryption for guest access.
In order to use the "RADIUS-NAC" in the WLC, you can not use or "Open + MAC" only "WPA + dot1".
(Specification of the WLC)
When the "Open + MAC", return from the ISE at the time of the "Web Authentication" in the "Session-Timeout Attribute", I was able to forcibly disconnect the radio.
(Attribute is the same value as the (ISE TimeProfile) time the guest user can use)
If you connect to a wireless terminal to forced disconnect after screen of Web authentication is displayed, you can not login.
(Because the account has been revoked)
I want to make even dot1x this environment.
However, because it becomes the "re-authentication time" If dot1x, as long as the terminal is connected to the radio, it is not cut.
In addition, even in the setting of "Attribute Termination-Action = Default", does not return until the Web authentication.
(Status of the WLC remains "Auth Yes")
(Session of the ISE remains "Started")
Use the (EAP) Dot1x, Can I "is allowed to forcibly disconnected," "to match the time of TimeProfile" in the same way as "Open + MAC" thing?
Thank you.