09-17-2018 08:35 PM
Experts,
I have a unique ask for Guest Portal Customization.
Use Case:
Two Types of Guest Users
1) Traditional Guest - Click Through AUP Guest Flow - Guest Access Lifetime Expires in 4 hrs
2) Employee Guest Access - Username and Password Guest Flow with AD as the Identity Source - No Guest lifetime Expiry
Ask:
Customer wants to combine both use cases using one ssid, is this possible with scripting
Guest Flow would look like the following:
1) Traditional Guest
Endpoint Connects to Guest SSID -> Click Through AUP Page ->Accepts AUP -> Internet Access
2) Employee Guest Access
Endpoint Connects to Guest SSID -> Employee clicks on button from the Click Through AUP Page that takes them to the Guest Login Portal Page -> Employee enters AD Credentials -> Internet Access
09-18-2018 06:14 AM
Yes, this is easy to do as shown here:
09-18-2018 06:39 AM
As I have said on other posts, how are you going to enforce the 4 hour time limit? Are you going to set the session timeout on the guest SSID to 4 hours? The only way to force the 4 hour limit is to make sure the device is reauthenticated in that time frame.
I always push back on this with customers and say they are making things way too complicated for guest access. Simply map your guests into an endpoint identity group that is purged every night. So once a day the guests have to see the AUP.
09-18-2018 07:25 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide