Longer session timeout - Page 2

CapUcisco · ‎09-03-2013

Hello,

We are using web-auth with a Radius server.

We need to increase the Session timeout to 30 days so that the clients need to re-authenticate after 30 days.

The maximum on our WLC 5500 is 65535 seconds (=18 hours).

How can we extend it to 30 days?

Thank you!

Val

Leo Laohoo · ‎09-05-2013

We use Microsoft's Netowrk Policy Server (NPS version 6) as a Radius server.

Are you using MS Group Policy? If this is so, then you will run into problems during the 30-day mark where you may have to force each client to update GP using the command "gpupdate /force".

Scott Fella · ‎09-05-2013

Here is the thing... you have student's but are the devices they are using, domain computers or are the personal computers? If they are personal computers, it probably best to use webauth and authenticate back to AD using a radius server (NPS). This way there is a captive portal page in which they login using their AD credentials and your done. Using EAP is generally for the staff in which they have domain computers and you can push our a GPO to configure the wireless policy. If the students use domain computers and you don't allow personal, then 802.1x PEAP is the way to go or you can use machine authentication since they are your devices.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Abhishek Abhishek · ‎09-05-2013

You can use the command “config wlan session-timeout wlan_id timeout” and check the maximum session timer supported.

Scott Fella · ‎09-05-2013

Sleeping client is supported on the 2504 as I have it setup at home. It's under the WLAN layer 3 tab. See the screen shot.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***