Public/guest network access
Configuring global access control options
14-10
Reauthenticate users on location change
When this option is enabled, the controller will automatically reauthenticate users when they
switch to:
a wireless cell with a different SSID
a different VLAN ID on the same VSC
an AP with a different MAC address
an AP with a different group name
a different wireless mode
Note This feature is only supported when using an external RADIUS server for authentication
tasks.
Maximum concurrently authenticated public access users
Specify the maximum number of users that can be authenticated and logged into the public
access interface at the same time.
Client polling
The controller polls authenticated client stations to ensure that they are active. If no response
is received and the number of specified retries is reached, the client station is disconnected.
To use this feature, client stations must have L2 connectivity to the controller.
This feature enables the controller to detect if two client stations are using the same IP
address but have different MAC addresses. If this occurs, access is terminated for this IP
address removing both stations from the network.
Changing these values may have security implications. A large interval provides a greater
opportunity for a session to be hijacked.
The initial query is always done after the client station has been idle for 60 seconds. If there is
no answer to this query, the settings for Interval and Retries are used to control additional
retries.
Polling interval
Specify how long to wait between polls.
Consecutive retries
Specify how many consecutive polls to which a client station can fail to reply before it is
disconnected.
User agent filtering
Enable this option to filter and stop redirection of HTTP login requests coming from
unauthorized client applications. Filtering occurs via the user-agent string that web-based
applications use to identify themselves to their peers.
To Next Page
Loading...
Need help?
General
