Extreme Networks

Jim_Seaman · ‎10-17-2013

Disabling open/guest SSID networks in the middle of the night would be neat for a level of security for an SSID with hardly any security.

Branden_Henner1 · ‎10-17-2013

Woah. Over thinking it buddy. Just fire up the NPS role on your AD server and point auth on the controller to it. Pretty simple. Don't do anything on the switches. Edit: create the appropriate policies in NPS of course.

Jim_Seaman · ‎10-17-2013

Currently, we aren't running radius. I would have to enable radius and eapol (as far as switch commands) on all the switches and force muliauth to the APs and build policies on Network Policy on Windows as far as first steps to possibly getting this feature going? I'll be going to enterasys training soon. Maybe I should wait after completing the training.

Ferguson__Scott · ‎10-17-2013

Thanks you for your input. This is also on our product roadmap and is currently targeted for mid - late summer of 2014.

Branden_Henner1 · ‎10-17-2013

Unfortunately, this functionality is not available without purchasing Enterasys NAC. Here is a work around. Create an internal captive portal that authenticates to Active Directory via radius. Create a group in Active Directory with only one account which would be a generic guest account. Use the captive portal editor to explain in the login process to use the generic user name and password. In radius or in NPS you can define a time of day in which that one user is allowed to authenticate. At that point you would need to create a short session timeout so that the user can't stay on all night. It is not pretty but unfortunately it is the only way I've found.

Extreme Networks

Disable Guest SSID based on set schedule.

Disable Guest SSID based on set schedule.