cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

462
Views
15
Helpful
3
Replies
Highlighted
Beginner

Guest Portal CoA Issue

I am having an issue with CoA Reauth not occuring after an employee signs into the Guest Registration Portal. I am attempting to use the Guest Self Registration Portal as both the guest network and the open network for BYOD Onboarding. When an employee signs in on the guest portal, a CoA needs to occur to have them pull a different policy based on their AD attributes.

Here is what I have currently. It has changed multiple times in my attempts, but I stripped it to its basic form so hopefully you get the idea.

2-28-2017 11-05-21 AM.jpg

I basically want clients to originally hit the Guest - Reg Portal Redirect. Then when they log in via that portal, a CoA would occur and they would then hit the Employee BYOD Onboarding policy. Am I doing something that is even possible?

If you need more info, just ask me and I'll provide some logs.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

As long as you have not enabled employee byod option on the guest portal (to force through byod flow using guest portal ) then after they login a re auth should be sent for guests and employees

You should have an option for the guests at this point that's below the employee group that says

Either if guest flow permit access

Or if guest endpoints permit access

Have you contacted the tac to troubleshoot?

View solution in original post

3 REPLIES 3
Highlighted
Cisco Employee

As long as you have not enabled employee byod option on the guest portal (to force through byod flow using guest portal ) then after they login a re auth should be sent for guests and employees

You should have an option for the guests at this point that's below the employee group that says

Either if guest flow permit access

Or if guest endpoints permit access

Have you contacted the tac to troubleshoot?

View solution in original post

Highlighted

Man, I knew there was going to be a checkbox somewhere that I wasn't thinking about! That did the trick. Thanks a bunch for your help!

Highlighted

Awesome!!!

Content for Community-Ad