Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
545
Views
0
Helpful
1
Replies

[ISE 1.1.3] Guest portal wired mab web redirection does not work

vrz rrr
Level 1
Level 1

‎04-10-2013 09:24 AM - edited ‎03-10-2019 08:17 PM

Hello,

again, I have an issue with ACLs and this time it is related to mab webauth redirection (Guest Portal).

Logs shows that the connection in pending due to posture status (that's OK), My dACL is applied and... nothing else.

I mean Web traffic does not get redirected.

(Auth policy mab if user not found continue)

See attached files.

webauth.jpg : AuthZ policy

webauth1.jpg : AuthZ profiles

webauth.jpg : live authentication

This is my switch port config is :

interface FastEthernet1/0/3

description test GUEST MAB

switchport mode access

ip access-group ACL-ALLOW in

authentication order mab

authentication priority mab webauth

authentication port-control auto

mab

ACLs :

ip access-list extended ACL-ALLOW

permit ip any any

!

ip access-list extended redirect

deny   udp any eq bootpc any eq bootps

deny   udp any any eq domain

deny   ip any host 192.168.6.10

permit tcp any any eq www

permit tcp any any eq 443

!

Labels:
Preview file
220 KB
Preview file
42 KB
Preview file
67 KB
0 Helpful
1 Reply 1
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents