09-05-2024 05:40 AM
I have ISE as my AAA server within the campus network; additionally, we also have a WLC. I need to have a self-registered guest access portal for guest access as well as enforce BYOD.
Additionally, I realized the guest network is currently able to access private VLANs, which should not be the case. In this case I have FTD, managed through FMC. Where do I set access control rules and enforce them between ISE and the firewall?
09-05-2024 05:46 AM
@Dkiptoo here are all the guides to set up Guest on ISE: https://community.cisco.com/t5/security-knowledge-base/ise-berg/ta-p/5041171#guest
For the users, you could just deploy a Downloadable ACL (DACL), deny access to the normal LAN networks and permit access to the internet. Or you could place the guest users in a VLAN that is in a separate VRF, this isolates the traffic from the normal LAN. Traffic can be routed to the FTD on a separate logical or physical interface and permitted to access the internet only.
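An added example, not part of the reply above: a constructed guest DACL of the kind described (block the internal LAN, allow the internet), with a small first-match evaluator to confirm the ACE order does what is intended before it is pushed from ISE. The RFC 1918 internal ranges, the DNS server 10.10.10.53, the ISE portal node 10.10.10.10 and TCP 8443 are assumptions for illustration.

```python
import ipaddress

# Constructed DACL, IOS-style ACEs, first match wins. Assumed values: internal
# LANs are RFC 1918 space, 10.10.10.53 is the DNS server, 10.10.10.10 is the
# ISE node serving the guest portal on TCP 8443.
GUEST_DACL = """\
permit udp any host 10.10.10.53 eq 53
permit udp any any eq 67
permit tcp any host 10.10.10.10 eq 8443
deny ip any 10.0.0.0 0.255.255.255
deny ip any 172.16.0.0 0.15.255.255
deny ip any 192.168.0.0 0.0.255.255
permit ip any any
"""

def parse(dacl):
    """Turn each ACE into (action, protocol, destination network, port or None)."""
    rules = []
    for line in dacl.splitlines():
        tok = line.split()
        if not tok:
            continue
        action, proto, dst = tok[0], tok[1], tok[3:]  # tok[2] is the source, "any"
        if dst[0] == "any":
            net, dst = ipaddress.ip_network("0.0.0.0/0"), dst[1:]
        elif dst[0] == "host":
            net, dst = ipaddress.ip_network(dst[1] + "/32"), dst[2:]
        else:  # address + contiguous wildcard mask, e.g. 10.0.0.0 0.255.255.255
            net, dst = ipaddress.ip_network(f"{dst[0]}/{dst[1]}"), dst[2:]
        port = int(dst[1]) if dst[:1] == ["eq"] else None
        rules.append((action, proto, net, port))
    return rules

def evaluate(rules, proto, dst_ip, dst_port=None):
    """Return the action of the first matching ACE, or the implicit deny."""
    addr = ipaddress.ip_address(dst_ip)
    for action, r_proto, net, r_port in rules:
        if r_proto in ("ip", proto) and addr in net and r_port in (None, dst_port):
            return action
    return "deny"

if __name__ == "__main__":
    rules = parse(GUEST_DACL)
    for flow in [("tcp", "10.20.30.40", 443), ("tcp", "10.10.10.10", 8443),
                 ("udp", "10.10.10.53", 53), ("tcp", "198.51.100.7", 443)]:
        print(flow, "->", evaluate(rules, *flow))
```

The portal and DNS permits have to sit above the RFC 1918 denies because those servers live inside the denied ranges; placing `permit ip any any` first would let every internal flow through.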
09-05-2024 05:52 AM
"Additionally, I realized the guest network is currently able to access private VLANs, which should not be the case. In this case I have FTD, managed through FMC. Where do I set access control rules and enforce them between ISE and the firewall?"
Try using an ACL in the WLC.
MHM