07-05-2007 06:01 AM - edited 07-03-2021 02:18 PM
Is there a more granular way of enforcing Session Timeout for users on the WLC?
When I use Cisco BBSM with my radius server, the session-timeout value is honored and I could set time of day restrictions within Radius for myt Guest users.
However, with the WLC, it ignores these radius session-timeout values and only uses it own WLAN Session Timeout value.
I don't want Guests to re-authenticate (via Web Authentication) during the day based on the WLAN Session Timeout value. Imagine if I set it to timeout after 8 hours (a normal working day), but that user logged in at 4.49pm.
Anyone got any pointers please?
07-11-2007 01:10 PM
The RADIUS attribute 27 is used in order to configure the session-timeout values. This works only for controller timeout . But you can also try for client timeouts. order to set this, choose user/group setup > Edit Settings > Radius[5842\001], and type the session timeout value in the Cisco-Aironet-Session-Timeout box. If this attribute is not listed under user/group setup, choose Interface config > Radius (IETF), and check the attribute [027] Session-Timeout for user/group.
07-12-2007 01:48 AM
I had configured my Radius server to send session-timeout values, however, they were not being honoured.
After rechecking the AAA debug trace, I realised that the "AllowRadiusOverride is FALSE" error was my sticking point.
After enabling AAA Overide on the WLAN security, my session-timeout values worked!
Thanks!
07-23-2007 02:07 AM
Hi, I have same issue with you.. Where can I find the "AllowRadiusOverride is FALSE"?
Thanks
07-23-2007 03:21 AM
I saw the "AllowRadiusOverride is FALSE" message when I had debug aaa all enabled.
To enable AAA overide from a controller, select "Allow AAA Overide" from the Advanced Tab on WLAN edit.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide