cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
562
Views
0
Helpful
4
Replies

how to kick guest user when user quota has exhausted

0600648902
Level 1
Level 1

Hi,

I have wlc and acs v4.0. Currently, I am using layer 3 security with web authentication and has been succesfully integrated with ACS for authentication. User quota has been set so that when user has reached its quota, may not be able to log in again. But problem occurs when the user has not logged out, it still can connect to network although its account at ACS shows disabled because of its quota limitation. So, is it a way to kick the user out, when the user has reached its quota ?

Radius accounting has been properly set. and AAA override has been set on appropriate wlan ssid.

Regards,

Suwandy

4 Replies 4

vergeerf
Level 1
Level 1

as far as I know that should be possible if you enable 'support for RFC3576'. This allows the radius server to dynamic change a user session (so called CoA messages). You can enable this support on the radius authentication setup page of your controller

thanks for your reply.

do you mean "allow AAA override" ? If so, I have tried it and it works for changing user session by radius server. But the problem is, radius server do not send the user-session parameter dynamically. How can the radius send/calculate the remaining session time to wlc ?

You can enable the "Enable Session Timeout"

Thanks, Edward.

Where should I enable that parameter ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: