cancel
Showing results for 
Search instead for 
Did you mean: 

WiNG captive portal re-authentication timeout

WiNG captive portal re-authentication timeout

gluo
New Contributor II
Hi, I have setup a captive portal on a VX9000 and I noticed that every day the user has to re-enter the username and password. Is there a way to remain authenticated for as long as the user is valid? Also is there a way to un-authorize a certain user from the captive portal?
13 REPLIES 13

gluo
New Contributor II
Hi again,

I have one more question.
It seems that the maximum amount of time a captive portal guest can be inactive (meaning not connected to the wireless network) without the session to timeout and have to re-authenticate can be 24 hours . Is there any way to set it to more than 24 hours?
This would allow clients to remain connected over the weekend and not have to re-authenticate each Monday for example. Or maybe there is another way?

thank you in advance.

Ondrej_Lepa
Extreme Employee
Glad to help 🙂

Regards,
Ondrej

gluo
New Contributor II
Thank you Ondrej. Your help was enlightening!

Ondrej_Lepa
Extreme Employee
Hi Konstantinos,

here is new link - I probably checked wrong access rights.

Anyway, you are right about the self-registration. This allows everyone to access under condition client finishes registration. Might be OAUTH, Click&Tell etc...

If you provide the username / password you will capture MAC automatically as it is being recorded by Captive Portal. However, here we are hitting the limit of 86400 seconds.

cb7cae988742424fad66aa23025aad09_RackMultipart20170223-10115-lcz2wm-Radius5_inline.png



Then, yet another issue - if you select AAA policy to be used here, it does not receive any EAP ID from client - remember this is not set on client!

cb7cae988742424fad66aa23025aad09_RackMultipart20170223-84073-1j4jr3z-Radius6_inline.png



Any authentication method (other than MAC) requires client to be induced in identification. But with open network client does not provide any.
So in the end authentication request will failover back to Captive Portal.

I am afraid there is only solution for this use case - externally hosted custom pages capturing the MAC used with an CP voucher and creating a fake RADIUS guest user account based on the MAC address - quite demanding one.

Regards,
Ondrej
GTM-P2G8KFN