Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
334
Views
0
Helpful
0
Replies

BYOD flow in foreign - anchor setup

ambi
Level 1
Level 1

‎07-27-2015 10:46 AM - edited ‎03-10-2019 10:56 PM

Has anyone successfully deployed BYOD flow when the setup is a foreign / anchor controller

i understand that the L2 authentication will take place at the foreign controller and it needs to be able to reach the ISE. 

this is what i want to achieve 

client connects to an open SSID ( this SSID is not tunneled) and is available locally. Once connected MAB is done and BYOD profile is pushed which includes a eap-tls based ssid profile (this ssid is tunneled to the anchor) . Client receives IP from the anchor controller and performs EAP-TLS based authentication on the foreign. upto this iam fine and it seems to be working fine 

however based on the flow, the client needs to be redirected to NAC agent download and posture needs to be done subsequently. 

Confusion is which controller will redirect traffic for this 

also do i need to have ISE defined as radius on both the controllers ? 

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents