Anyone knows what the "Config Guest-lan Webauth exclude" command does in 5.0 controller code? Doesn't seem to be documented anywhere.
Allows you to turn off the webauth policy exclusion.
config wlan webauth-exclude disable
By default (somewhere around 4.0.179), a web-auth protected SSID will de-associate an unauthenticated client every 5 minutes to reclaim connections and resources. If you are implementing a pre-auth ACL to allow user access to say your external web server or DMZ without auth, then they will lose their connection every 5 minutes and re-associate again after 60 seconds. If you want them to stay connected to the resources specified in the pre-auth acl, but then be prompted to auth when accessing the Internet, then use this command. Keep in mind if you are broadcasting, then your guest wireless may begin to fill up with idle connections.