12-05-2012 11:34 AM - edited 07-03-2021 11:10 PM
I would like to set a time limit for how long a client can be continously connected to the WLAN that provides my guest internet access. The user name/password is hosted on my ACS and authentication is provided by my Cisco NAC. I am using 5508 controllers (7.02) and WCS.
Somewhere in this combination of stuff, there has to be a way to set a two hour time limit.
12-05-2012 02:23 PM
guess the acs should have account expiration limit configurable per user.
you can create guest account using lobby ambassador with time attached to the user.
12-05-2012 04:58 PM
If you are looking for your guest to get kicked off which requires them to log back in .. One option would be to set the WLAN session timeout to 2 hours.
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
12-06-2012 07:51 AM
Like this?
12-06-2012 11:45 AM
The WLAN Session timeout is a hard limit for all users on the WLAN.
To my knowledge, the WLC should also honor AV-Pair 27 (session-timeout) if you set it through radius.... This would enforce a session reauthentication based on a value dynamically set through radius, opposed to a fixed value on the wlan...
With that said, the fixed "session timeout" on the wlan is the quick an easy method....
12-06-2012 12:45 PM
Marcreidwch,
Correct ...
Wes,
... how ya been ? +5 good response. Didnt think of that ..
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
12-07-2012 12:34 PM
oh ya, IETF RADIUS Session-Timeout attribute (27).
12-11-2012 03:23 PM
I am pretty sure the session time out would only work if you have a splash screen. Since this time out dosent kick the users off but makes sends a reauth
Tom
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: