cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3601
Views
10
Helpful
7
Replies

7.5 web-auth client sleep timer feature

Anthony Poli
Level 5
Level 5

                   The 7.5 release advertises the ability to configure a timeout value so that guest clients which go to sleep are not re-prompted for web-auth.  Does anyone know if 7.5 would only be required on the anchor WLC or must it also be on the foreign?  We utilize web-auth for a guest WLAN and anchor it to a WLC in the DMZ.  Preference would be to NOT load 7.5 on every WLC we have and only upgrade our guest anchor.

Thanks!

Anthony

1 Accepted Solution

Accepted Solutions

Scott Fella
Hall of Fame
Hall of Fame

Since the client associates to the foreign wlc, the timers are set there.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

7 Replies 7

Scott Fella
Hall of Fame
Hall of Fame

Since the client associates to the foreign wlc, the timers are set there.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Thanks Scott.

We upgraded a test WLC to confirm this behavior.

One thing I failed to mention is that we are using web-passthrough instead of authentication, which appears to be the only way to utilize the sleep timer, officially.  If you select web-passthrough, the sleep selection is not available.  I found a workaround by selecting web-passthrough in the GUI, then enabling the sleep timer via CLI which then made it appear in the GUI!  Odd, but it's working the way we want it to so far.

Thanks again.

Anthony

Yeah... sleeping clients is used only for the captive portal, which I though you were using:)  During your test, did you anchor it and which one did you set the timers on? 

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

We only upgraded the foreign WLC to 7.5.  The anchor is still 7.4, so all the configuration was on the foreign side. 

This guest SSID has always been in an anchor configuration.

Anthony

Okay... for some reason I was thinking you got it to work just on the anchor.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Hi Scott ( and all ),

 

I was making some tests with sleeping client with a infrastructure like this:

- 2 foreign ( 5508 ) with the APs and client association

- 2 anchor ( 4402 ) on the DMZ

- radius for client auth

 

From my understand the :

- clients are associated to the foreign but

- the authentication is forwarded to the anchor

( I can see the request on the radius with the anchor NAS IP address and, before the client is authenticated, i get the status as REQ_D state on the anchor )

So I suppose the sleeping client feature should be on the anchor ( or on both wontroller ) and not only on the foreign. I'm wrong ?

 

If You've some Idea to let it works with only sleeping config on the foreign i will solve one big issue because my anchors are 4402 without sleeping feature available.

 

All is working fine on the foreign if I remove the anchor configuration ( by the way, like this isn't anymore a foreign )

what you're seeing is right.

//Sleeping client feature was developed to work only for WLAN with Web Auth security. Web Pass through is not supported.

https://tools.cisco.com/bugsearch/bug/CSCuj26050

CSCuj26050 Sleeping client feature fails with Web Passthrough

Review Cisco Networking for a $25 gift card