Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
499
Views
2
Helpful
11
Replies

Cisco ISE Guest Portal, iPhone User connected but no internet

a-almisfer
Level 1
Level 1

‎09-15-2025 02:39 AM

we have configured a Hotspot guest portal which was working fine redirection is fine now suddenly for iPhone devices its not working connected but no internet same guest portal if i try on android or pc it is working fine,

Both are hitting the same policy, everything seems fine except Profiling 

All devices 

cisco-av-pairprofile-name=Unknown

iPhone 

cisco-av-pairprofile-name=Apple-iPhone

since we have only  essential license I'm unable to find  Work Centers > Profiler > Profiling Policies,

 

 

Labels:
11 Replies 11

Aref Alsouqi
VIP
VIP

‎09-15-2025 04:22 AM

If you are not using profiling on your authoriaztion rule it wouldn't be relevant. I would check with one of those iPhones and see if it gets the right IP in the first place, and then I would try to generate some traffic to the internet and check on the firewall logs and then take it from there.

0 Helpful

a-almisfer
Level 1
Level 1
In response to Aref Alsouqi

‎09-16-2025 01:14 AM

IP is same as other devices and there is no FW Involved 

0 Helpful

Aref Alsouqi
VIP
VIP
In response to a-almisfer

‎09-16-2025 02:28 AM

What do you mean by no firewall is involved? how would the traffic from the iPhones flow to the internet? wouldn't pass through a firewall? what is the gateway for those iPhones?

0 Helpful

MHM Cisco World
VIP
VIP
In response to Aref Alsouqi

‎09-16-2025 02:34 AM - edited ‎09-16-2025 02:35 AM

He use CWA of WLC 

MHM

0 Helpful

Aref Alsouqi
VIP
VIP
In response to MHM Cisco World

‎09-16-2025 02:57 AM

Yes, but if the iPhones aren't able to connect to the internet, their traffic might be blackholed or dropped somewhere for some reason. Looking at the firewall logs would confirm if the iPhones traffic is actually making it to the firewall and how the firewall deals with it. If that traffic doesn't hit the firewall then it must be blackholed somewhere on the network.

0 Helpful

MHM Cisco World
VIP
VIP

‎09-15-2025 05:06 AM

Profilling  use which conditions?

Can I see it ?

MHM

0 Helpful

a-almisfer
Level 1
Level 1
In response to MHM Cisco World

‎09-16-2025 01:16 AM

aalmisfer_0-1758010508026.png

this is what i have configured in authorization policy 

 

MHM Cisco World
VIP
VIP
In response to a-almisfer

‎09-16-2025 02:42 AM - edited ‎09-16-2025 02:43 AM

https://youtu.be/6g_smhZKF14

the order is wrong between Authz line 2 (redirect to hotspot) and Guest-flow authz line 3, Guest flow must above redirect 

also why  you use first line of authz what is meaning ?

0 Helpful

Aref Alsouqi
VIP
VIP
In response to MHM Cisco World

‎09-16-2025 02:58 AM

Although the "Guest_Flow" rule is placed under the redirection rule, it shouldn't be the issue here because the first rule has the guest identity group identified and should match the guest traffic after the guests have been added to that identity group post redirection.

0 Helpful

Aref Alsouqi
VIP
VIP
In response to Aref Alsouqi

‎09-16-2025 02:59 AM

In other words, the "Guest_Flow" rule would never be hit.

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-16-2025 02:34 AM

Adding other comments, is this only issue with Iphone, how about rest of the Guest users using other devices ?

what model of Iphone ? what is your wireless infrastructure information may help here.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents