Solved: Employee to be authenticated using Guest Flow

Mandeep · ‎12-12-2016

Hi,

I have a customer who wanted user to be presented with "captive portal" or "pop-up" for authentication. You user could either through wired or wireless network and they can not roll out supplicant and associated configuration.

These users are going to be authenticated against 3rd party Identity Store ie LDAP

Other requirement which my customer has is to permit few users to have multiple simultaneous login

I would like to evaluate "Guest Flow" as it would provide the portal to insert user name and password. Also we can control the simultaneous session access using Guest Type which can be called in Guest Portal.

However i am sure on the "Maximum Access Time" parameter which can configurable range between 1-999 days. But my customer require the number of days to be more (5 years).

So i would like to understand whether there are any other limitation apart from what i highlighted above.

What happens when "Maximum Access Time" exceed?

Thanks,

Craig Hyps · ‎12-14-2016

LDAP users are not subject to the guest account time restrictions.

View solution in original post

keglass · ‎12-13-2016

mandeesi,

I am moving your post to the Cisco Security Community for better visibility and access to feedback from Cisco product experts.

Identity Services Engine (ISE)

I hope this helps.

Kelli Glass

Moderator for Cisco Customer Communities

Craig Hyps · ‎12-14-2016

LDAP users are not subject to the guest account time restrictions.