Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

WLC 5508 external web authenication mismatch with session timeout value

For guest clients , we have configured guest vlan and applied external web authenication on WLC 5508 , the session timeout value is 2700secons .

When a client open a browser to internet page , wlc will redirect to URL and get the login page . After completed the login , he can go to internet page .

We find the iPhone and ipad clients will get the login page again ahfter ~ 5 mins , it is mismatch with session timeout value 2700 sec (45 mins) .

5 REPLIES
Hall of Fame Super Silver

Re: WLC 5508 external web authenication mismatch with session ti

Easy fix.... on the wlan ssid, in the advanced tab, set your session timeout to something like 28800 (8 hours). Then on the Controller tab, change the idle time-out to something like 14400. These are the setting that have worked for me.

Sent from Cisco Technical Support iPad App

-Scott
*** Please rate helpful posts ***

Re: WLC 5508 external web authenication mismatch with session ti

Your issue seems with idle-timeout not session timeout.

It is configurable under controllers tab and it affects all SSIDs.

Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
New Member

Re: WLC 5508 external web authenication mismatch with session ti

Thank you for your advises .

I found the idle timeout is 43200 (config network usertimeout 43200)  ,  it is greater than session timeout . Also only some iPad and iPhone clients reported this issue , all laptops are working fine .

Hall of Fame Super Silver

Re: WLC 5508 external web authenication mismatch with session ti

On the GUI under the Controller tab, did you make sure the idle timeout there is set to 14400. It's a know problem with iPhones and iPads that require the user to log back on. So just try to set the session timeout to 28800 and the user idle to 14400. Test and then you can tweak the times to what you want.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Bronze

Re: WLC 5508 external web authenication mismatch with session ti

Hi, 
 
Remember that when working with layer 3 web authentication depending on the wireless 
client, if they go in to sleep mode, hibernation mode, disable the wireless card for
any power save option, close the  webbroswer if the client wifi card when doing this
sends a deauthentciation request to the AP then once they get out of the power save
mode or open the browser they will have to re login again.
 
To avoid this first you need to disable under the WLAN advance tab the session 
time out option since this is used only when working with layer 2 authentication
like WPA PSK or WEP, and then under the controller tab set the client idle time
out the 0 for infinite or the requested time.
 
 
1986
Views
0
Helpful
5
Replies