Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
357
Views
5
Helpful
3
Replies

Ise client ip flow during web auth

Not applicable

‎07-31-2017 04:02 AM - last edited on ‎03-11-2019 12:54 AM by

Hi everyone,

can it be explained what the client ip address flow is when it tries to connect to a guest ssid for example.

so far I understand the client dhcp to wireless and gets redirected to the ise portal when opening a browser. For connectivity at this point what would be the clients ip ? As it would not be assigned one from the dhcp pool as it has not authicated yet ...

Thanks 

thetone 

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-31-2017 04:42 AM

The client is given the IP address via DHCP but it is restricted by ACL to only be able to access the ISE portal.

Usually DNS is allowed in the ACL as well to be able to resolve the ISE portal FQDN.

Not applicable

‎07-31-2017 10:31 AM

Ok thanks Marvin.

Btw is it necessary to explicitly add dhcp in the redirect acl. If not which I have found though my dhcp server is on the same net as client and ap (in lab)

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to

‎07-31-2017 08:54 PM

If you don't need to leave the local subnet for DHCP services then - no, you don't need an ACL permitting that traffic.

It would be unusual to see that outside of a lab or very small environment though, so most guides will recommend including the ACL.

0 Helpful
Customers Also Viewed These Support Documents