Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
494
Views
0
Helpful
5
Replies

Web Auth with Mac Filtering

Go to solution
Nicholas Copeland
Level 4
Level 4

‎02-27-2013 10:03 AM - edited ‎07-03-2021 11:38 PM

I am trying to setup a scenario where a user logs in via Web Auth and witha  successfull connection the Mac Address is remembered for 7 days. That way if the user connects again during the course of 7 days they aren't required to authenticate via web auth again they just get access. After 7 days they will need to login again through the web auth. Similar scenario to what you see at a Hotel wireless network. Anyone know how I would go about setting up the dyanmic mac filtering and set the timer for 7 days? With that said I want it to be for a single SSID.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎02-27-2013 10:30 AM

Not possible.... the reason being is the max timer for the session timeout on the guest WLAN.  Also when the user sits idle, the idle timeout start counting down.  So having the WLC remember the mac address and allow x number of days before having to log back on, is not possible.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎02-27-2013 10:30 AM

Not possible.... the reason being is the max timer for the session timeout on the guest WLAN.  Also when the user sits idle, the idle timeout start counting down.  So having the WLC remember the mac address and allow x number of days before having to log back on, is not possible.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Nicholas Copeland
Level 4
Level 4
In response to Scott Fella

‎02-27-2013 12:21 PM

That's what I was afraid of. But kind of what I thought based off some of the research I have done.

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Nicholas Copeland

‎02-27-2013 12:37 PM

Yeah it been asked many times so maybe one day it will be possible.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to Scott Fella

‎02-27-2013 12:43 PM

well, it's not possible with just the WLC.

You can do it, but you need to have a way to pull the MAC address from the webauth page, and insert that into a LDAP db, which you control the age out process in.

Then on a subsequent visits they get mac-authed instead of having to re-accept the page.

in the webauth config you would check the On MAC filter failure box.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
Nicholas Copeland
Level 4
Level 4
In response to Stephen Rodriguez

‎02-27-2013 12:54 PM

Yes so that is kind of what I will do with ISE. I just won't be able to age out the device from the db automatically. It will have to be a manual process from my understanding with the latest version of ISE.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card