01-20-2020 06:26 PM
We are running a Window DNS server.
How do I query the Sponsor Portal FQDN to the DNS server?
Solved! Go to Solution.
01-21-2020 10:26 PM
This setting allows you to configure a 'Friendly FQDN' for the Sponsor Portal. When configured, ISE will automatically redirect any http/https requests using this FQDN to the respective portal ID for the Sponsor Portal.
For example:
ISE node hostname is 'ise.site.local'
You can configure a Friendly FQDN of 'sponsor.site.local'. This FQDN would be communicated to your end users and they would type that URL (http://sponsor.site.local or https://sponsor.site.local; no port number required) to access the Sponsor Portal.
This requires that you configure a record on your DNS server for 'sponsor.site.local' with the IP address of the ISE PSN (or LB VIP, or DNS round robin; depending on your architecture) so the users can resolve it.
You also need to ensure this Friendly FQDN is included in the SAN field for your portal certificate, or your users will get a certificate warning.
For more information on Guest Access, see the ISE Guest Access Prescriptive Deployment Guide
Cheers,
Greg
01-20-2020 07:07 PM
01-21-2020 09:55 PM
Thank you for your answers.
But I still don't know how to enter the FQDN of the Sponsor Portal.
ISE's FQDN is ns.ise.com.
If you change the FQDN of the sponsor portal to sponsor.ise.com, "Site is not reachable"
I think we should set it up so that we can query it on the DNS server.
But I don't know what to do.
ISEip:8445/sponsorportal/PortalSetup.action?portal=274a95f0-2e58-11e9-98fb-0050568775a3
01-21-2020 10:26 PM
This setting allows you to configure a 'Friendly FQDN' for the Sponsor Portal. When configured, ISE will automatically redirect any http/https requests using this FQDN to the respective portal ID for the Sponsor Portal.
For example:
ISE node hostname is 'ise.site.local'
You can configure a Friendly FQDN of 'sponsor.site.local'. This FQDN would be communicated to your end users and they would type that URL (http://sponsor.site.local or https://sponsor.site.local; no port number required) to access the Sponsor Portal.
This requires that you configure a record on your DNS server for 'sponsor.site.local' with the IP address of the ISE PSN (or LB VIP, or DNS round robin; depending on your architecture) so the users can resolve it.
You also need to ensure this Friendly FQDN is included in the SAN field for your portal certificate, or your users will get a certificate warning.
For more information on Guest Access, see the ISE Guest Access Prescriptive Deployment Guide
Cheers,
Greg
01-21-2020 10:28 PM
03-26-2020 11:16 PM
Hi Greg,
My sponsor portal URL is very log when i click on - "portal test url"
After giving FQDN for example like - http://sponsor.site.local to 172.x.x.x:8445 then how to about rest of the url which is sponsorportal/PortSetup.action?portal=40963c00-2e02-11e8-xsse-re24dd29384729237? i want to hide this long url part else after FQDN url will be like below.
http://sponsor.site.local /sponsorportal/PortSetup.action?portal=40963c00-2e02-11e8-xsse-re24dd29384729237
Is it posible to reduce the url length? and only keep it to http://sponsor.site.local ? i really need this uregent, appreicate your response.
03-29-2020 03:11 PM
ISE supports multiple portals, so it uses the Portal ID to identity which portal to use for a particular flow (Sponsor Portal, Guest Portal, BYOD Portal, etc). When you specify a "Friendly" FQDN for the direct access portals (Sponsor, My Devices, etc) ISE essentially maps that internally to the particular Portal ID.
This FQDN is meant to make it easier for users to browse to the Sponsor Portal by using the "Friendly" FQDN (e.g. http://sponsor.site.local). When ISE receives the HTTP request with this URL, it automatically does an internal redirect to the full FQDN that includes the Portal ID.
I'm not aware of a way to hide the resulting real FQDN after the automatic redirect as this is how HTTP redirects work. I don't believe I've had a customer for which this presented a problem.
What is the reason for wanting to hide the resulting real FQDN?
03-29-2020 06:09 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide