07-02-2013 04:44 AM - edited 07-04-2021 12:19 AM
I have my guest wireless accepting terms through a web portal, but it seems they have to accept these terms about every 30 minutes to an hour to get access to the internet again. They are not idle, their session just stops working, and when they open a new browser it redirects them to the web portal. Is there a timer for this somewhere that I am missing?
07-02-2013 04:48 AM
You have two timers... one is the session timeout which is configured in the WLAN advanced tab. I usually set that to 8 or 12 hours. Then on the Controller tab in the GUI, you have an idle timer, I would set that to 2 (7200 sec) hours or 4 (14400 sec) hours. Give that a try. With newer code versions, you can set the idle timer on the WLAN and not have to touch the global setting.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
07-02-2013 07:14 PM
Hello,
From the Lifetime drop-down lists, choose the amount of time (in days, hours, minutes, and seconds) that this guest user account is to remain active. A value of zero (0) for all four text boxes creates a permanent account.
Default: 1 day
Range: 5 minutes to 30 days
Note The smaller of this value or the session timeout for the guest WLAN, which is the WLAN on which the guest account is created, takes precedence. For example, if a WLAN session timeout is due to expire in 30 minutes but the guest account lifetime has 10 minutes remaining, the account is deleted in 10 minutes upon guest account expiry. Similarly, if the WLAN session timeout expires before the guest account lifetime, the client experiences a recurring session timeout that requires reauthentication.
Note You can change a guest user account with a nonzero lifetime to another lifetime value at any time while the account is active. However, to make a guest user account permanent using the controller GUI, you must delete the account and create it again. If desired, you can use the config netuser lifetime user_name 0 command to make a guest user account permanent without deleting and recreating it.
For more information, Please check the following cisco doc:
http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70users.html
07-03-2013 09:31 AM
Did the client roam? I don't think it is some session timeout or idle timeout issue if client did not hibernate. also nothing to do with client life time.
get debug client for the real reason why it is back in webauth_req status.
btw if radio get reset the issue may also happen, but again first get debug client
Sent from Cisco Technical Support iPhone App
07-03-2013 10:36 AM
WebAuth and Apple devices when the screen sleeps, typically that's when the idle timer starts. This is a know issue when using WebAuth and you have iPads or iPhones. The idle timer needs to be increase or else you will have to login every 5 minutes which is the default timer. That is after the iPad or iPhone sleeps. Passthrough also will request you hit the accept button.
Just look at the client status in the WLC. If you see the idle timer counting down, then you will eventually not see the client once it expires. This means you have to login again.
Sent from Cisco Technical Support iPhone App
01-23-2014 10:16 AM
Scott
Where do I go to view the idle timer? All I see on the Clients detail page is UpTime and Timeout values. UpTime time is raising while the Timeout value is static.
running version 7.4.110.0 on a 5508.
01-23-2014 06:17 PM
Jason,
I think I was looking at the sleeping client feature.... I was looking at it again and did notice that after the idle timer expired and when using sleeping client, the client mac address would appear on the sleeping client section and that would start counting down. There isn't a value for the idle timer, which would be nice though.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
01-23-2014 09:00 PM
Thanks. I opened a case and learned that option is in v7.5. There was a reason why we didn't jump from 7.3 to 7.5 now I have to remember why.
02-01-2014 10:38 AM
I installed v7.5 configured the sleeping client feature and I'm not getting the desired result. My test device (Ipod model MD067LL/A) isn't being added to the sleeping clients list. I saw the following in the configuration guide.
I don't think that applies to my situation.
The WLANs configuration is below.
WLAN Identifier.................................. 4
Profile Name..................................... xxxxxxxxxx
Network Name (SSID).............................. xxxxxxxxxx
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status
Radius Profiling ............................ Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Local Profiling ............................. Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 0
Exclusionlist.................................... Disabled
Session Timeout.................................. 36000 seconds
User Idle Timeout................................ 300 seconds
Sleep Client..................................... enable
Sleep Client Timeout............................. 8 hours
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... xxxxxxxxxxxxxxx
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ xxxxxxxxxx
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
WLAN Layer2 ACL.................................. unconfigured
mDNS Status...................................... Disabled
mDNS Profile Name................................ unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
PMIPv6 MAG Profile........................... Unconfigured
PMIPv6 Default Realm......................... Unconfigured
PMIPv6 NAI Type.............................. Hexadecimal
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Interim Update............................. Disabled
Framed IPv6 Acct AVP ...................... Prefix
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Disabled
PSK..................................... Enabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Disabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Enabled
IPv4 ACL........................................ Unconfigured
IPv6 ACL........................................ Unconfigured
Web-Auth Flex ACL............................... Unconfigured
Email Input..................................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Enabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
flexconnect PPPoE pass-through................ Disabled
flexconnect local-switching IP-source-guar.... Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Disabled
Client MFP.................................... Disabled
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
02-01-2014 10:54 AM
With sleeping clients, it only works with layer 3 using WebAuth. Since you have a layer 2 and passthrough, you device will not be out into the sleeping client role. It will only work with layer 2 being open and layer 3 using WebAuth.
Sent from Cisco Technical Support iPhone App
02-01-2014 10:56 AM
thx
02-01-2014 11:01 AM
Just create a test SSID with WebAuth so you can see the process. Once the idle timer expires, the client will be put in the sleeping client.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide