02-22-2012 10:47 AM - edited 07-03-2021 09:38 PM
I work on a college campus that has thousands of students a day accessing our wireless network. We have broadcast SSID that the students use to connect to the internet. The students usually have more than one WiFi enable device on them and their laptops and phones both take an IP address, but they are only using the laptop to authenticate while the phone is associted, but not authenticated. In the meantime, I have several thousand IPs being used by their phones/iPods etc.
Is there a way to revoke the DHCP lease if the client does not authenticate within a specified time frame (i.e. 10 minutes)?
02-22-2012 11:18 AM
What type of security are you using on the WLAN? If it is web-auth then clients will always use up a DHCP address as they are technically authenticated in terms of wireless, but are being held at the captive portal.
02-22-2012 12:48 PM
The settings are the WLAN are:
1. Layer 3 security: None
2. Web Policy
3. Authentication
02-23-2012 11:54 PM
Andrew,
From the dhcp server's pov, an ip's availability is a function of when it was last leased or renewed. There's a timer on each lease, and the ip doesn't go back into the pool until the timer runs out.
Consider reducing your dhcp lease time to 30 min. Renewals will happen every 15 min and an address will re-enter the pool after the lease expires, ie., 30 mins for clients that associate on but don't authenticate.
I might suggest an even shorter lease, but you want to be careful not to overwhelm your dhcp server with frequent renewal requests. Most dhcp servers seem to poorly handle any kind of load beyond a few transactions per second.
A drawback to short leases on a weauth'd WLAN is that users may find themselves having to reauth a lot more throughout the day.
Alternatively, you can expand your pool scope size.
Justin
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide