Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
648
Views
0
Helpful
4
Replies

ISE and non-auth Guest

superduperlopez
Level 1
Level 1

‎03-17-2014 06:46 PM - edited ‎03-10-2019 09:33 PM

Hi,

Using WLC and ISE, is it possible to simply present Guest users with an AUP (without having to do any kind of authentication) before granting them Internet access..? Would this be done using Web Passthrough on the WLC or modifying a Portal template on the ISE so that it does not contain a Login page?? Any advice welcome.

 

Cheers,

 

Santi

1 person had this problem
Labels:
0 Helpful
4 Replies 4

jj27
Spotlight
Spotlight

‎03-18-2014 01:56 PM

I've done this before using a Device Web Authorization portal.  The user is displayed an AUP and placed into an endpoint group that you assign them to. You would have an Authz policy to check to see if they match that group if connected to that SSID, if not, direct them to the portal to accept the AUP. If they are part of the endpoint group then it will just let them online.  The only downfall is it is a one-time thing, so the first time they will be displayed an AUP but all subsequent logins they will just get access.  You could clean out the endpoint identity group daily if you wanted to fix that.

0 Helpful

gadholwi1
Level 1
Level 1
In response to jj27

‎10-01-2015 06:07 AM

Hi jjonston1127,

how did you setup the Device Web Authz portal? I want to implment an wlan guest access with aup only.  How does the authorization profile and authorization rule look like?

 

0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎03-19-2014 10:23 AM

AUP is only poped up after a successfull authentication

0 Helpful

Naveen Kumar
Level 4
Level 4

‎03-31-2014 05:07 AM

you can customize the guest login portal page:

To support a fully-customized guest portal, you must provide a minimum set of HTML pages based on the features you want to support:

    • Login Page—Required
    • Successful Guest Login Page—Required
    • Error Page—Required
    • Acceptable Use Policy Page—Required only if you require guests to acknowledge an acceptable use policy.
    • Change Password Page—Required only if you require guests to change their passwords when signing in for the first time.
    • Self-Registration Page—Required only if you allow guests to create their own accounts (self service).
    • Self-Registration Result Page—Required only if you allow guests to create their own accounts (self service).
  • Device Registration Page—Required if you are supporting device registration for guest users.
0 Helpful
Customers Also Viewed These Support Documents