We have a primary controller (4402 - 50) and a small 4402-12 setup as a anchor for guest access. All guest traffic (for Internet access only) is sent through the guest controller - located on our DMZ.
Guest users were complaining that they were getting knocked off the system after 30 minutes. They needed to re-authenticate. This would happen regardless if they were VPN'd in to their host, or on the Internet.
We removed the timeout feature (deselected it) on both controllers. The issue then goes away. The users are never bumped off.
We then changed the inactivity timeout to 1 hour. Users were getting bumped off after 30 minutes.
We then changed the timeout to 2 hours. Now it appears that the connection stays in place about 40 minutes.
Note that we are changing the timeout to be the same on both controllers.
First - has anyone found that that timeout feature is not accurate fro an actual âtimeâ perspective ?
Second - why would a user that is actively on the system, surfing and moving between sites be kicked off? It is like the anchor does not see the traffic - and views the connection as idle.
Note that we do not have inactivity issue with workstations connected through our primary WLC, just with guest traffic