Expiring end-system registration data in NAC

  • 0
  • 1
  • Question
  • Updated 4 years ago
  • Answered
We have a guest network with registration, that's set to expire users after a year. However, if users don't use the network much, they'll get removed by the Age End-Systems process, which removes devices not seen in 90 days (by default). There is a tickbox "Remove Associated Registration Data", which I was going to untick, but I wanted to see if anyone else has done this and what actually happens when the user reconnects after their end-system has been aged out?
Photo of James A

James A, Embassador

  • 7,492 Points 5k badge 2x thumb
  • curious

Posted 4 years ago

  • 0
  • 1
Photo of Kurt Semba

Kurt Semba, Employee

  • 1,462 Points 1k badge 2x thumb
Hi James,

here is the response I got from engineering on your question:

The ES will be aged out in NAC Mgr if there has been no activity for 90 days, however the registration data will remain.  So the next time they connect they will not have to register again (assuming that the 1 year date for the registration has not been reached and the registration aged through that process).  The feature was put in place in order to clear out stale registration data, assuming that if an ES had not connected for x number of days then the ES was no longer on the network and could be removed when the data persistence check ran. 

Does this help?
Kurt
Photo of James A

James A, Embassador

  • 7,492 Points 5k badge 2x thumb
It does, that's exactly the behaviour I want, thanks.