Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1236
Views
0
Helpful
2
Replies

WLC 5508 and Radius simultaneous logins "last login wins"

5bswan
Level 1
Level 1

‎10-18-2014 08:35 AM - edited ‎03-10-2019 10:07 PM

Hi all,

We have a campus wifi network using two Cisco 5508s (in an HA configuration) on 7.6 code and 2700-series APs.  For our corporate users we have an existing SSID doing 802.1x with vlan assignment to Microsoft NPS running on Windows 2012R2.  All that is working as expected.  Now, we have residences on this campus and we would like to provide internet access to them for their personal devices using a different SSID in what will be sort of an "internet cafe".  

We would like to limit simultaneous logins to that SSID to one device in a "last device wins" scenario, meaning that if I login to device A with my account, then a short time later login to device B using the same account, device A gets kicked off the wifi.  I've seen this sort of setup occur in hotels and such but I'm not sure the mechanics of how they're doing it on the back end. Can this type of setup be accomplished with RADIUS on NPS (or ACS? FreeRadius?) or is there other special software required?  I'm aware of the "limit logins" setting in the WLC, but I'm under the impression that only applies to users created on the WLC itself?  I tested it briefly with our existing RADIUS setup and it didn't seem to work.

Thanks!

Brian

1 person had this problem
Labels:
0 Helpful
2 Replies 2

Saurav Lodh
Level 7
Level 7

‎10-21-2014 05:39 PM

The Maximum Number of Concurrent Logins for a single user name by default is 0. You can enter any value between 0 and 8. This parameter can be set at SECURITY > AAA > User Login Policies and allows you to specify the maximum number of concurrent logins for a single client name, between one and eight, or 0 = unlimited. Here is an example:

wlc-authenticate-03.gif

0 Helpful

5bswan
Level 1
Level 1
In response to Saurav Lodh

‎12-09-2014 06:39 AM

Sorry for the delayed response, we got side-tracked on other things.  I'm aware of the above configuration option (and have it set currently) but what I was hoping for was a "last login wins" scenario such that if we were to allow 1 login, and one device is already authenticated, the next device that authenticates with those credentials would kick off the previous one.  Similar to what you see these days in hot spot scenarios at hotels and such.  I'm thinking that the functionality I'm looking for isn't really support in the WLC and probably needs a different appliance to front-end the authentication.

 

0 Helpful
Customers Also Viewed These Support Documents