cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1265
Views
0
Helpful
5
Replies

Guest: bypass sponsor approval based on email domain

ralagatt
Cisco Employee
Cisco Employee

Hello,

My customer is asking if it is possible with self-registration with sponsor approval workflow to bypass sponsor approval if the guest registers with a specific email domain.

Example:

-          @Domain.com (whitelist) --> bypass sponsor approval

-          any other domain --> require sponsor approval

I remember that sponsor approval is a global workflow option, and I’m not sure it can be turned off based on domain whitelist.

If it is not possible, the other option would be to create a different SSID?

Thanks

1 Accepted Solution

Accepted Solutions

Jason Kunst
Cisco Employee
Cisco Employee

Correct have to do another portal and restrict email domains that can register using this portal

There maybe an advanced option where you have one portal link to another portal but this would have to be worked offline and discussed as required advanced customization

Who are the users under the special domain?

View solution in original post

5 Replies 5

Jason Kunst
Cisco Employee
Cisco Employee

Correct have to do another portal and restrict email domains that can register using this portal

There maybe an advanced option where you have one portal link to another portal but this would have to be worked offline and discussed as required advanced customization

Who are the users under the special domain?

These are corporate users, who can register for guest services (only internet access).

Any other guest would have to go for sponsor approval.

Have they thought about just allowing them to put in their AD credentials to get guest access? This way they don’t have to create guest accounts?

These would be corporate users from different countries/regions, different ADs.

There is just trust relationship between the various ADs, they do not have unified policies or even solutions.

I know ISE supports multi-forest AD, can we leverage this function and allow these users to have only internet access when connected to the main corporate SSID?

Example:

- If local corporate (country A) user connects to corporate SSID (country A) --> unrestricted access

- If remote corporate user (country B) connects to corporate SSID (Country A) --> internet access only

Any other guest would connect to Guest-SSID, and require sponsor approval.

Yes should be possible lets dicuss offline, send me a webex for late today