Guest Access - Users connection times out while in use

Unanswered Question
Apr 22nd, 2009
User Badges:

Just installed a 4402 controller, 15 1242 ap's, configured WLAN and Guest WLAN, guests are prompted with the webauth login page while the account is active and they are working. Is there a timeout for inactivity?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Wed, 04/22/2009 - 15:24
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Change the session timeout in the WLC WLAN | Advanced tab. Set it higher like 14400 or 28800. See if that fixes your issue.

bryan.malmquist Thu, 04/23/2009 - 09:57
User Badges:

Thank you. I actually disabled the "Enable Session Timeout" function on the Guest WLAN under the advanced tab. Fixed the problem. As long as their user ID is only good for 8 hours I don't see the need in having yet another timeout feature. Thoughts?

Scott Fella Thu, 04/23/2009 - 10:16
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

I don't see any issue with disabling this... I have dome it.

weterry Fri, 04/24/2009 - 21:15
User Badges:
  • Silver, 250 points or more

I would go with fella5's first suggestion.


I could be mistaken but if you do not have a session timeout, then in theory the client could stay connected indefinetly, so long as he never disconnects to then have to re-authenticate.


For Example:

Client gets an 4 hour account.

Client connects and logs in.

Username is verified.

Client is allowed to join the network.

4 hours goes by and the username expires.

If client is still connected when the account expires, client still continues to work on the network because it never has to re-authenticate.


Opposed to:

Clients session times out every 60 minutes, so client must re-authenticate.

After his session-timeout after the 4 hours is up, his username is no longer valid and therefor can not authenticate again.


My suggestion is normally to set this value to whatever you set your account expirations to.


George Stefanick Sat, 04/25/2009 - 09:13
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, October 2015

You also want to make sure you have this disabled on all your controllers including your anchor contoller.



Has anyone done any testing on the effects this has on normal applications?


My peer did a study just last week on this issue with his vocera network. He experienced 1 to 1.5 seconds of "dead" air when the enable session kicked in ... The client received a DEAUTH frame which caused the client to do a totally new AUTH ...



Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode