ISE Self-Registered Guest Portal access via OTP only

MS07
Level 1

One of our customer sites has guest wireless access through ISE 3.3 with an integrated SMS Gateway, using a self-registration portal that is currently working fine. Now they have come up with a new requirement, as mentioned below:


Current Working Scenario:

1. Guest connects to the designated guest SSID.
2. Redirected to the self-registration portal.
3. Guest enters mobile number, email, and name.
4. Username and password are sent to the guest's mobile number.
5. Upon successful credential validation, the guest gains access to the guest SSID.

Customer's New Requirement:

1. Guest connects to the designated guest SSID.
2. Redirected to the self-registration portal.
3. Guest enters mobile number, email, and name.
4. OTP is sent to the guest's mobile number.
5. Guest enters the OTP for authentication.
6. Upon successful OTP validation, the guest gains access to the guest SSID.


This new requirement involves replacing the username and password with OTP-based authentication to enhance the user experience. Is there a way to implement this?

1 Accepted Solution

Greg Gibbs
Cisco Employee

ISE has no built-in OTP capability, so this would need to be done by an external system. AFAIK, the best option would likely still be an API-based solution as suggested in this similar post.

https://community.cisco.com/t5/network-access-control/guest-portal-with-otp-implementation/td-p/3471856

 

3 Replies

@Greg Gibbs 

As mentioned in the discussion, it seems rather excessive for guest access.

Are there any alternative methods we can consider for the guest login process? Specifically:

Password-Only Login: After self-registration, could we modify the portal so that the guest is only required to enter a password? In this scenario, the username field could either be removed or auto-populated with the mobile number provided during registration, allowing the guest to enter only their password.

Any suggestions or workarounds?

Got the below response from TAC:

"To automatically assign a phone number as the username during the guest self-registration process in Cisco ISE is not supported natively. Achieving this functionality may require custom scripts, but please note that this is outside the scope of TAC support."