Is there a more granular way of enforcing Session Timeout for users on the WLC?
When I use Cisco BBSM with my radius server, the session-timeout value is honored and I could set time of day restrictions within Radius for myt Guest users.
However, with the WLC, it ignores these radius session-timeout values and only uses it own WLAN Session Timeout value.
I don't want Guests to re-authenticate (via Web Authentication) during the day based on the WLAN Session Timeout value. Imagine if I set it to timeout after 8 hours (a normal working day), but that user logged in at 4.49pm.
The RADIUS attribute 27 is used in order to configure the session-timeout values. This works only for controller timeout . But you can also try for client timeouts. order to set this, choose user/group setup > Edit Settings > Radius[5842\001], and type the session timeout value in the Cisco-Aironet-Session-Timeout box. If this attribute is not listed under user/group setup, choose Interface config > Radius (IETF), and check the attribute  Session-Timeout for user/group.