3 Jan
2019
3 Jan
'19
10:25 a.m.
Thanks all for the replies. For now, I've solved it like this: There are unique usernames in addition to passphrases, matching guest[0-9]+ A simple perl script handles post-auth and when a guest[0-9]+ user is first encountered, the timestamp+MAX_CONNECT_TIME is stored. Later, the timestamp is compared to the current timestamp and if that greater than the stored max time, the user is rejected, otherwise accepted. I'm thinking rather than to reject the user, to assign them to a different VLAN where a capture domain exists informing the user that their guest login has expired. I'll attach the script in case anyone is interested. It's the first time I use perl, so it's probably less than optimal. Cheers, HC