Showing results for 
Search instead for 
Did you mean: 

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

Gustavo Novais

Endpoint group updates - recurring issue and possible feature request?



Please apologize the rant in advance. I'll try to be as constructive as possible.

Once again I'm faced with a customer intending to do multiple manipulations off the guest portal regarding endpoint caching (remember me functionality), as well as endpoint mac differentiation for employees authenticating off guest portals.

I've seen in the communities really valuable contributions from Jason Kunst and other community members where the generalized accepted solution is use the CoA mechanisms to redirect users after authentication yet again to a hotspot portal just for endpoint registration into a correct group, just because there's no way to tie external db lookups into guest portals.

This method is in my view an ugly workaround. It is not scalable (many guest types/endpoint groups/external DB groups imply a portal per type; any change needs to be reflected in all portals)

Would there be the possibility of adding directly off of the authorization policy a "Post-Authorization Action" result where an Endpoint would simply be updated with the correct static endpoint group based on External User group mapping and then CoA'd? The possibility of manipulation of the internal endpoint DB on the fly would be a really nice addition as it would overcome a major limitation of not being able to distinguish "remember me" configurations.

Maybe that's already on the roadmap?



Jason Kunst
Cisco Employee

We can’t discuss roadmap here and feature requests are sent through sales channel to our product managers

Hi Jason,

I understand the proper channel argument. Yet often, when going through the channel,  we are faced with a "Please explain your business case and which and how many customers are interested" type of answer.

If enough people in the community would be interested by such type of feature, it would make for a good business case on its own.

Does the feature request make sense, at least?


Gustavo Novais

Recognize Your Peers
Content for Community-Ad

ISE Webinars

Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube