05-06-2019 09:50 AM
Hello, I'm currently redirecting the guest users to a hotspot portal and that's working just fine. Once they disconnect and attempt to re-connect they're not being redirected to the portal anymore. How can I configure ISE to redirect the guest users everytime they connect to the guest wireless. I guess what I'm asking is if there's a way to purge the guest account automatically everytime they disconnect from the wireless.
Solved! Go to Solution.
05-14-2019 09:09 AM
I ended up creating a purging policy that purges endpoints every 8 hours which is the minimum. This is working fine. Thanks for all your inputs.
05-06-2019 10:29 AM - edited 05-06-2019 10:29 AM
Closest option is to use 'Endpoints: LastAUPAcceptanceHourse' condition to force them to accept AUP at set interval.
05-06-2019 10:46 AM
05-07-2019 04:50 AM - edited 05-07-2019 04:51 AM
Is it possible to share the policy screenshot?
05-07-2019 06:20 AM
05-07-2019 07:08 AM
1. Redirection policy with conditions as wireless mab & SSID name -> redirects to the guest portal.
2. Guest access policy with the condition as Network access: UseCase equals to Guest Flow -> Guest Access
Similar to this one.
05-07-2019 07:24 AM
05-07-2019 07:31 AM
Thanks Jason, so the period can't be less than 24 hours? I went through this doc and it says I can set the minimum to be 1 hour.
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/TECSEC-3672.pdf
Will my authz policy work the way it's created to prompt the guest for the AUP if they haven't accepted it in the last hour?
05-07-2019 08:07 AM
@NETAD wrote:
Thanks Jason, so the period can't be less than 24 hours? I went through this doc and it says I can set the minimum to be 1 hour.
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/TECSEC-3672.pdf
Will my authz policy work the way it's created to prompt the guest for the AUP if they haven't accepted it in the last hour?
Its showcasing a time range, saying < 24 hrs then dont prompt. The minimum time is 1 hour. The admin guide needs to be fixed. Why are you wanting to accept every time, this is going to be awful for user everytime they sleep their mobile device..
05-11-2019 05:31 PM
Another way might be to use the regular guest portal with username and password, rather than hotspot. I believe there a way to pre-filll the credentials, if needed.
Also, if CoA Reauthenticate selected as the CoA type in a hotspot portal, we might be able to use some attributes, such as GuestFlow as proposed by Aravind Ravichandran, to authorize the endpoints with proper access.
05-14-2019 09:09 AM
I ended up creating a purging policy that purges endpoints every 8 hours which is the minimum. This is working fine. Thanks for all your inputs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide