I am testing the E400 AP´s in a Hotel environment. I enabled the free guest portal and created multiple guest portals with multiple session times and reneawl frequency. Based on the documentation from Cambium the session time and renewal times must the same. If this is configured with the same values ,when the client session is finish the client will get the splash page again with the login button.
After testing multiple session times and renewal frequency. I see the the following issue.
Issue.
After the free session expires on the second login attempt a message appears " Free Session Expired". And client cannot ge registered on the AP.
+ On device network settings. Try to forget network same behavior
CnMaestro
+ On the guest portal session tab. The clients are displayed with no remaning time.
Solution (work around )
+ From the guest portal session tab. I have to manually disconnect every user with expire session.
I am attaching screenshots of the guest portal configuration,expired client sessions and device connection reject message. Wanted to get more feedback.
There is a limitation like we can not configure renewal frequency value less than session validity time.
If we configure equal values, after the session validity time completes, again splash login page will come on clients, and it will not restrict the client to re-login. So, you will never get the error "free session expired" in this case.
Suppose if client 1 connects with the configurations(session validity-4hrs, renewal frequency-6hrs), and connected client2 after modifying the configurations(session validity-4hrs, renewal frequency-4hrs). If the client 1 session is in progress when modifying, the modified configurations are not applicable to client1. Server will delete the client1 MAC address after 6hrs only.
So your second paragraph just says that client session and renewal time are only checked when the client connects. Fair enough. We did not, however, in the course of our testing on this, actually change the session settings with a client connected. We manually deleted the clients from cnMaestro prior to changing settings.
On the first paragraph, please expand out the logic as to what the renewal frequency value and session validity time actually mean. The way I understand what you have setup now, renewal frequency cannot be less than session validity time. That makes a certain amount of sense, particularly for the use case when you are trying to limit the amount of time a given client can stay connected within a given day (or other given subset of time).
The functionality being present, however, is one that adds the renewal frequency counter (RFC) to the session validity counter (SVC). Meaning it is presenting in our lab testing (we have seen this with a variety of devices) as SVC + RFC = the total amount of time before a user can reconnect. I can't quite be certain of that however, as we haven't actually gotten a client to successfully reconnect without manually deleting them from cnMaestro.
The above paragraph is the behaviour that is unacceptable to us. It won't work for what we need, and if it's a combination of settings doing it, fine, but we need guidance to find those settings, not denial that the problem exists like "So, you will never get the error "free session expired" in this case."
The renewal frequency is the duration of time after which the client will be allowed to login again to get free access. The total duration after client is expired and deleted depends on this renewal frequency only. When a client does login the policy renewal frequency value is read and the expiry value is set for the client entry. Once set this value for a client it's not reset if the policy configuration changes. You understanding for the session time and renewal frequency is correct except the fact the expiry and deletion of the client session entry happens purely based on renewal frequency. Session duration just drives the amount of free session given to a client when he does a login.
If session duration and renewal frequency are same then client session entry will be deleted the moment session expires.
As you have explained that you are not seeing the client session getting deleted ever even after expiring of renewal frequency then there is something going wrong and we need to investigate it. Somehow we never found any issue in this feature behavior till date so to debug it further will it be possible to invite me(kunal.solanki@cambiumnetworks.com) from the cnMaestro support account. This invitation option can be found under 'Manage'->'Administrators'. Just provide my email in the 'add user' option.
The issue has been fixed and I verified from your account also. All old entries are cleaned now. We replicated this issue in our lab and verified the fix. The issue was seen when all portals were in use and and had active sessions in it.
