08-27-2008 01:26 AM - edited 07-03-2021 04:22 PM
Hi,
I have wlc and acs v4.0. Currently, I am using layer 3 security with web authentication and has been succesfully integrated with ACS for authentication. User quota has been set so that when user has reached its quota, may not be able to log in again. But problem occurs when the user has not logged out, it still can connect to network although its account at ACS shows disabled because of its quota limitation. So, is it a way to kick the user out, when the user has reached its quota ?
Radius accounting has been properly set. and AAA override has been set on appropriate wlan ssid.
Regards,
Suwandy
08-27-2008 08:05 AM
as far as I know that should be possible if you enable 'support for RFC3576'. This allows the radius server to dynamic change a user session (so called CoA messages). You can enable this support on the radius authentication setup page of your controller
08-31-2008 01:18 AM
thanks for your reply.
do you mean "allow AAA override" ? If so, I have tried it and it works for changing user session by radius server. But the problem is, radius server do not send the user-session parameter dynamically. How can the radius send/calculate the remaining session time to wlc ?
09-02-2008 07:52 PM
You can enable the "Enable Session Timeout"
09-05-2008 12:16 AM
Thanks, Edward.
Where should I enable that parameter ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: