We seek to allow certain Guest users elevated access once authenticated.
Currently we use Clearpass 6.7.10 to allow Guest users to self register.
Typically once the Guest user receives their creds after self registering they enter those creds on the captive portal login page and then they are placed in the guest auth role and a vlan via their registered id. Should they leave campus and return before the 7 day expiration they device will auth via guest mac cache and be placed in the same vlan.
This vlan grants a low level of internet access via the assistance of other systems.
I can curently create for example, a contractor user, and once I dish out the creds to the user they can auth on the captive portal and be placed in the lower level internet vlan. Then I can disconnect form the ssid on the device, wait the 5 min timout peroid via the wireless controller and when we reconnect (mac cache) the device is placed another vlan that grants a higher level of internet access via the assistance of other systems.
Can this be automated with out admin interference at all?
Thanks