topic Wired Guest Whitelist in Network Access Control

Wired Guest Whitelist

sampathss — Mon, 11 Mar 2019 08:47:56 GMT

Hi,

Following is the scenario.

1) A set of mac addresses added to a specific endpoint id group

2) Only if the mac address exist in the endpoint id group, then only they get redirect to guest portal, self-register to get internet only access

3) If no mac address on the endpoint if group, then access denied

The question is, how this can be implemented in terms of policy?

The mac address can be only in one endpoint id group and through the portal, the default is set to GuestEndpoints id group.

Is it possible to manage the mac address between two endpoint if groups?

Re: Wired Guest Whitelist

Jason Kunst — Tue, 07 Aug 2018 20:14:41 GMT

Its not in the guest endpoint group until you actually login with an account.

if endpoint group and wireless mab then redirect to portal

Did you try this out? I am thinking it should work

Re: Wired Guest Whitelist

sampathss — Tue, 07 Aug 2018 20:33:35 GMT

Hi Jason,

I'm yet to try that. But how will it work if the self-registration guest portal is configured with different endpoint group? If I have the same endpoint ID group in the guest portal and as well as using the same endpoint id group in the policy for redirect, will it work?

Re: Wired Guest Whitelist

Jason Kunst — Tue, 07 Aug 2018 20:47:41 GMT

If you start with GuestEndpoints and end with GuestEndpoints then how would you do remember me?

You didn’t explain your complete flow. Perhaps if guestendpoints and portaluserID is null then redirect to guest portal? Then if guestendpoints and portaluserID is notnull then permit access?

I would think you would want to do pre-register group then have the portal login group override that and see how that works out?

Please try it and let us know