08-06-2014 09:23 PM - edited 03-10-2019 09:55 PM
Hi Guys,
I'm a little bit new with this Cisco ISE and I'm wondering if you can help me.
My setup is a WLAN 802.1x and I'm planning to deploy in the ISE just Device Registration WebAuth (only showing AUP) since the username and password authentication are checked via the WLAN settings of the computer.
My question are these, if I do that setup and when the employee logs out and in again does that employee needs to see again the AUP? Also, how the ISE checks if the device registration has been successfully done? Does the attribute Endpoint: BYODRegistration = YES will took effect?
Thank you very much in advance.
08-07-2014 01:36 AM
08-07-2014 05:23 PM
If you are using Cisco's wireless I woudl highly recommend that you push this funciton to the WLCs. The reasons I would recommend this are:
1. This type of authentication would take a Plus license
2. If you only care of the users to see and accept an AUP then the "passthrough" function in the WCL would do the job perfectly
3. The registered devices remian in teh system indefinitely. The current version of ISE does not proivde a mechanism to automatically purge those devices. Thus, you would have to manually remove them
Thank you for rating helpful posts!
08-22-2014 05:26 PM
08-26-2014 02:08 AM
My question are these, if I do that setup and when the employee logs out and in again does that employee needs to see again the AUP?
Choose Administration > Web Portal Management > Settings > Guest > Multi-Portal Configuration.
Check the Guest portal to update and click Edit .
Click the Operations tab.
Choose one of these options to determine whether guest users must agree to an acceptable use policy:
– Not Used
– First Login
– Every Login
08-26-2014 07:49 PM
08-26-2014 09:43 PM
Hi Experts,
By the way, I've just noticed that my AUP is not showing up, after I hit the register button in the self-provisioning page, it goes already to the confirmation that the device was successfully registered.
I already enabled the AUP in "MyDevice" Portal settings but the AUP still doesn't shows up.
Thanks in advance.
Niks.
08-27-2014 09:07 AM
A couple of questions:
1. Which type of portal did you select for the DRW flow?
2. Do you have the "Self-provisioning flow" enabled
08-27-2014 06:07 PM
Hi Neno,
Good Day!
I'm trying Native Supplicant Provisioning but I set the Client Provisioning settings to Network Access so that it will not check for the Client Provisioning policies.
Also, I already enabled the Self-Provisioning option in the Guest settings in Web Management Portal settings.
Thanks,
niks
08-31-2014 02:25 PM
Device Registration WebAuth and MyDevices portal are not the same, don't confuse them. Use either but not both.
09-01-2014 01:12 AM
Hello Niks-
For your scenario (Device Registration WebAuth) you need to select the "Device Web Authorization Portal" when creating the portal. In that portal the "Enable Self-Provisioning Flow" is not available since it is used for the BYOD registration/provisioning process.
Hope this helps!
Thank you for rating helpful posts!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide