I recently got my hand on a Ruckus 7372 Accesspoint and have an issue with it.
I have a SSID which authenticates users against a Windows server 2012 R2 NPS Server. The authentication process works just fine but...
Some accounts have restricted Loginhours. For example, John Doe is only allowed to login between 7 am - 10 am.
Now, If that user login during this time Everything works well and if the user perform a login outside the timerange, access is denied which allso is fine.
But! if the user login say 9 am he can still use the wireless network at 11:15( which is how long i waited until i asked the question here ).
On other AP ́s i ́m used to set a re-authentication time in seconds which forces a re-authentication against the NPS server which then disconnects the user when the logon hours have expired.
This is a setting i can not find in the Ruckus AP. I have spoken with our distributor which is a Ruckus CWNA about this and he does not know about that setting either.
Can someone shed a light ont this issue?
The AP is pretty much useless in these kind of Environments without this parameter.
For fastest response, please open a ticket with Technical Support.
A standalone mode AP does not have all the features/functions that are available when managed by a ZoneDirector WLAN controller.
A standalone mode AP has no options you desire on 802.1x WLANs, but does have HotSpot options Maximum Session Time, and Grace Period, which are used to limit access (duration) and force re-authentication, like you describe.
ZoneDirector managed AP WLANs that employ 802.1x, can be configured with a Grace Period and Idle-Timeout, and a Service-Schedule of which hours of which days, they may access your WLAN for much greater control, but for 802.1x, is only available if also employing the ZoneDirector.