05-15-2018 07:28 AM - edited 02-21-2020 10:56 AM
Hi,
I am using hotspot portal for guest access with just AUP accept, i have my guest endpoint identity group set to purge everyday at 1:00 AM (elapsed days greater than 1) my aim to get the guests just one day access and to be purge after a day while still using hotspot portal.
My question is, an endpoint that is created at 1:01 AM will not be purged the next day at 1:00 AM as the elapsed days is not yet 1 day and the endpoint will end up getting access more than a day.
is there a work around for this situation?
Thanks
05-15-2018 11:58 AM - edited 05-15-2018 11:59 AM
Hi Mounica
I think the endpoint is just taking slightly more than a day (maybe few minutes for ISE processing and COA) until the elapsed timer triggers and Hotspot portal issues a Termination CoA to the WLC and terminate the Client.
I'm not sure what Cisco ISE version are running at your side but in Cisco ISE 2.3 There is an authorization condition that can be used to check the last AUP acceptance hours that maybe useful for you though I haven't tested it.
05-16-2018 09:49 AM
Hi Mohammed,
I am using 2.3 as well, so what you meant to say is, i should write a condition which says the endpoints in my endpoint guest identity group whose AUP hours are greater than 24 hours should get a terminate COA?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide