Table of Contents
Advertisement
User authentication
Allow access if authentication timed out
Enable this option to give users free access to the protected network if authentication
services configured for a VSC are unavailable. Once the authentication services are available
again, free user sessions remain active until the user logs out.
For example, if a user is connected to a VSC configured for HTML-based authentication using
a RADIUS server, and the RADIUS server is not responding, the user will be granted free
access to the network using the settings from the default user profile (Default AC).
Note
This feature does not work for users configured to use 802.1X or WPA when the encryption
keys are provided by the RADIUS server.
Add idle-timeout to RADIUS accounting session-time
When enabled, the controller includes the idle time-out in the total session time for a user
when the session is terminated due to idle time-out.
To remove the idle time-out from the total session time, disable this option.
Automatically reauthenticate HTML-based users for nn min
When this option is enabled, you can specify the amount of time that the controller will
remember the login credentials for an HTML-based user after they log out. If the user
reconnects to the network before this timeout expires, they are automatically logged in, and
instead of being redirected to the Login page, they are redirected to the Welcome-back page.
For this feature to work, users must have successfully been logged in at least once via HTML
and must have the same IP address and MAC address as their initial login when they return.
Also, the session must have been terminated involuntarily. For example, by the user moving
out of range, or their computer being restarted. If the user terminates their session, they will
not be automatically reauthenticated.
To support this functionality, the DHCP server on the controller needs to be enabled. It will
attempt to reserve a user's assigned DCHP addresses even after their lease time has expired.
As long as free addresses remain in the DHCP address pool, the expired address will not be
reassigned to a new user.
Note
The controller remembers login credentials even if the controller is restarted for
administrative reasons.
This feature may not work for users whose actual IP or MAC address is hidden by an
intervening router or other network device.
Public/guest network access
Configuring global access control options
14-9
Advertisement
Chapters
Table of Contents
