WCS 4402 session timeout

Unanswered Question
Apr 30th, 2007
User Badges:

I was wondering if anyone knows the answer to this.

I am using a 4402 and on my guest WLAN there is a session timeout value. I am not using the web authentication.

After 10 mins of inactivity, I want to drop the session or re-authenticate the client. This appears to be happening behind the scenes. Is there anywhere that I can tell that the re-auth is happening ??

Either on the client or on the 4402 ?

I need some sort of way to prove that this is actually happening and not just smoke and mirrors.

Does anyone know where I can find this.

Thanks in Advance for the help !

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Rob Huffman Mon, 04/30/2007 - 06:00
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi Pieter,


On the WLC


The session timeout parameter in the WLAN > Edit page can be used to accomplish this. By default the session timeout parameter is configured for 1800 seconds before a reauthentication happens.


Change this value to 600 seconds in order to make the client reauthenticate after ten minutes.



WLANs > Edit


This page allows you to edit the configurable parameters for a WLAN. The WLAN ID and WLAN SSID are displayed at the top of the page.


Session Timeout

Set the maximum time for a client session before requiring reauthorization. Default = 1800 seconds.


From this doc;


http://www.cisco.com/en/US/products/ps6366/products_user_guide_chapter09186a00805a6b28.html#wp1040213

Hope this helps!

Rob

pcanters Mon, 04/30/2007 - 06:20
User Badges:

Rob,

Thanks for your response.

One last follow up question

Is there any way that I can verify that this re-authentication is actually happening on either the WLC or on the client itself ?

The setting seems to indicate that this re-authentication is supposed to happen but I need to corroborate in some way that this is truly occuring.

Pieter

Rob Huffman Tue, 05/01/2007 - 06:05
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi Pieter,


That is an excellent question! If you know the Client mac you could probably use this;


(Cisco Controller) >show client detail 00:40:96:a9:fa:a0


Client MAC Address............................... 00:40:96:a9:fa:a0

Client Username................................. N/A

AP MAC Address................................... 00:0b:85:23:cc:50

Client State..................................... Associated

Wireless LAN Id.................................. 1

BSSID............................................ 00:0b:85:23:cc:50

Channel.......................................... 36

IP Address....................................... Unknown

Association Id................................... 1

Authentication Algorithm......................... Open System

Reason Code...................................... 0

Status Code...................................... 0

Session Timeout.................................. 1800

Re-Authentication Timeout........................ 1800

Remaining Re-Authentication Time................. 1790

QoS Level........................................ Silver

Diff Serv Code Point (DSCP)...................... disabled

802.1P Priority Tag.............................. disabled

Mobility State................................... Export Foreign

Mobility Anchor IP Address....................... 40.1.3.10

Mobility Move Count.............................. 0

Security Policy Completed........................ Yes

Policy Manager State............................. RUN

Policy Manager Rule Created...................... No

Policy Type...................................... N/A

Encryption Cipher................................ None

EAP Type......................................... Unknown

Interface........................................ guest-vlan

VLAN............................................. 60


From this doc;


http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a0080706f5f.html#wp1111008


Hope this helps!

Rob

pcanters Wed, 05/02/2007 - 07:50
User Badges:

Thanks Rob !!

The whole thing is vague but this ought to work.

Actions

This Discussion

 

 

Trending Topics - Security & Network