Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
489
Views
0
Helpful
1
Replies

NAC Guest Server - locked accounts

kai.freese
Level 1
Level 1

‎01-22-2013 03:07 AM - edited ‎03-10-2019 08:00 PM

Hi all,

we have running a wireless guest network with an anchor WLC in a DMZ. This WLC is running web authentication, a NAC Guest Server (NGS) is acting as RADIUS server. All that is working fine so far.

Following situation occurs:

Some guest users were successful logged in. Due to a small and short network outage (failover time) these guest users got disconneted from anchor WLC and due to the same outage the disconnect message from WLC did not reach the NGS. So for the NGS it looks like a still connected session for these accounts.

But because of maximum concurrent connections is set to 1 no more logins are possible now for these accounts.

Is there any way to manually log out such "active" connections? Or is there a timeout for active but non-responsive connections on NGS, if yes can it be modified to smaller values?

Or is the only solution to deactivate these accounts and to create new?

Thanks

Kai

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎01-22-2013 06:10 AM

Hi,

It looks as if your only option is to wait for the account to expire, or delete the account (starting in version 2.0.4 it looks as if the feature enhancement to delete the user account was available.

There isnt a way that a radius server automatically times out a radius session, unless you restart its services.

You may have to check with TAC to see if this can be reviewed as a feature enhancement.

Sent from Cisco Technical Support iPad App

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents