cancel
Showing results for 
Search instead for 
Did you mean: 

advice on client scheduling and restrictions

advice on client scheduling and restrictions

admin32
New Contributor

In a school environment we have user profiles that have appropriate availability schedules based on student age levels , bedtime disconnection of client devices, different weekend schedules to school day schedules etc. This  has worked for couple of years ok, Apart from the overnight disconnected state causes the networks health scores to look really bad permanately

Now I am tasked with users needing access to one site (semi permanently) so basically some sort of firewall policy involved that overides the actual permitted scheduled hours for that site/app. One particular site that needs wifi but all other access is regulated to the predetermined times.

 

So looking for possible redirection of user profiles depending on time schedules

or

Do I actually reconfigure to have  students connected 24hrs a day, with dns, ip etc, (solving the health scores hopefully)

and then have some sort of complex firewall policy with time based allowance levels or redirections to allow or disconnect internet traffic to schedules.

i don’t actually think what i’m asking is achievable without 3rd party firewall controls externally to aerohive but open to suggestions

1 ACCEPTED SOLUTION

SamPirok
Community Manager Community Manager
Community Manager

Thank you for clarifying, I don’t think that is something we can do in the XIQ set up, I believe you would need to use your network firewall for that level of granular control. 

View solution in original post

6 REPLIES 6

admin32
New Contributor

Hi Sam

Thanks But that’s confused me totally. The SSID user profile section doesn’t have a scheduling section that I can see?

there is a SSID schedule setting under additional settings but can’t see that’s relevant.

We have a list of user profiles under the “apply different user profiles to various clients and user groups”

each one is, through radius selecting a year group and has a corresponding assignment rule and an availability schedule already setup in the user profile

are you saying to create a new user profile at the top of the list when you say rule?

a profile using the same criteria of radius attributes, vlan assignments etc as the existing profile but with its own independent schedule and a traffic firewall that will apply first because its higher in the list.

SamPirok
Community Manager Community Manager
Community Manager

Thank you for your patience while we looked in to this for you. If you go in to the SSID User Profile section and check “Apply a different user profile to various clients and user groups”, you should then see the scheduling section. To allow access to one site while keeping your other rules/restrictions in place, just add the rule allowing access to the permanently accessible site first, and then the rest of your rules after that. The rules are applied in a top down order, so the rule to allow access to that site will be applied before any of the rules restricting access to other sites are applied. Is that what you were looking for?

GTM-P2G8KFN