Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

how to kick guest user when user quota has exhausted

Hi,

I have wlc and acs v4.0. Currently, I am using layer 3 security with web authentication and has been succesfully integrated with ACS for authentication. User quota has been set so that when user has reached its quota, may not be able to log in again. But problem occurs when the user has not logged out, it still can connect to network although its account at ACS shows disabled because of its quota limitation. So, is it a way to kick the user out, when the user has reached its quota ?

Radius accounting has been properly set. and AAA override has been set on appropriate wlan ssid.

Regards,

Suwandy

4 REPLIES
Community Member

Re: how to kick guest user when user quota has exhausted

as far as I know that should be possible if you enable 'support for RFC3576'. This allows the radius server to dynamic change a user session (so called CoA messages). You can enable this support on the radius authentication setup page of your controller

Community Member

Re: how to kick guest user when user quota has exhausted

thanks for your reply.

do you mean "allow AAA override" ? If so, I have tried it and it works for changing user session by radius server. But the problem is, radius server do not send the user-session parameter dynamically. How can the radius send/calculate the remaining session time to wlc ?

Community Member

Re: how to kick guest user when user quota has exhausted

You can enable the "Enable Session Timeout"

Community Member

Re: how to kick guest user when user quota has exhausted

Thanks, Edward.

Where should I enable that parameter ?

263
Views
0
Helpful
4
Replies
CreatePlease to create content