02-06-2014 11:08 PM - edited 07-05-2021 12:07 AM
Hi,
We have a Guest WLAN where an pre authentication ACL is configured. It works but the client gets disconnected after a while. The session time-out / idle time out etc. is configured on a higher value than the actuel disconnect (+/- 15min) takes place.
When the client is authenticated (and does not use the pre auth ACL) the client doesn't get disconnected.
It seems like the same issue as the following threads but it doesn't state a solution :
https://supportforums.cisco.com/message/3687872#3687872
https://supportforums.cisco.com/message/3424053
I'm running code 7.4.110.0
any ideas ?
Solved! Go to Solution.
02-06-2014 11:24 PM
Hi,
If clients are in Webauth_Reqd state, no matter if they are active or idle, the clients will get de-authenticated after a web-auth required timeout period (for example, 300 seconds and this time is non-user configurable). All traffic from the client (allowed via Pre-Auth ACL) will be disrupted. If the client associates again, it will move back to the Webauth_Reqd state.
There is an enhancement request filed esp. for your situation with Pre-auth ACL.
CSCtj32812 DHCP Option to mitigate the problem of guest client rejoining network
https://tools.cisco.com/bugsearch/bug/CSCtj32812
Regards
Dont forget to rate helpful posts
02-06-2014 11:16 PM
Change the idle timeout to 86400 sec.
Login to controller GUI :
THEN go to Controller > General on this page you will see User idle Timeout, change the value to 86400 sec(By default is 300 sec)
Try this and let me know.
Reagrds
02-06-2014 11:24 PM
Hi,
If clients are in Webauth_Reqd state, no matter if they are active or idle, the clients will get de-authenticated after a web-auth required timeout period (for example, 300 seconds and this time is non-user configurable). All traffic from the client (allowed via Pre-Auth ACL) will be disrupted. If the client associates again, it will move back to the Webauth_Reqd state.
There is an enhancement request filed esp. for your situation with Pre-auth ACL.
CSCtj32812 DHCP Option to mitigate the problem of guest client rejoining network
https://tools.cisco.com/bugsearch/bug/CSCtj32812
Regards
Dont forget to rate helpful posts
02-07-2014 12:14 AM
Thanks. If I understand it correctly a client in Web-auth required state will be deleted after 5 mins. At that time sessions of the client will be killed and need to be setup again.
Bottom line is at that point that the pre-authentication ACL is very limited in use.`
Thanks for your reply !
02-07-2014 12:36 AM
Yes.
I think cisco is working on this this and may be soon they will comeout of this issue.
Reagrds
Dont forget to arte helpful answer, also mark this questiona s answered, it may help others.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: