Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1165
Views
0
Helpful
4
Replies

ISE sponsored guest with internal users

Go to solution
Greg W
Level 1
Level 1

‎10-01-2018 05:20 PM

Hello all,

 

I'm wanting to set up sponsored guest in ISE, with an extremely limited network. Only using internal ISE users, as there is no AD, LDAP, etc on this network (and we don't want one there). Just ISE, a switch, a 2504 WLC, and an AP. Is there a way to do this? I'd prefer to use the Wireless Setup tool, but I understand that may not be possible. I've already run into issues getting the wizard to run, so I'll likely zero out the config of ISE and the WLC next, and try again.

 

Am I correct that the portal can not be authorized without a valid external identity source, even by manual configuration? That seems to be what the tables say in the documentation. If that is correct, will a generic RADIUS token server work with the users manually loaded into there?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-01-2018 06:14 PM

You’re correct the secure access wizard doesn’t allow you to use internal sponsors in its setup.

You don’t need to integrate with any external identity source.

Please follow the ise guest deployment guide. You can add users internally on ise to use as sponsors


https://community.cisco.com/t5/security-documents/ise-guest-access-deployment-guide/ta-p/3640475

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-01-2018 06:14 PM

You’re correct the secure access wizard doesn’t allow you to use internal sponsors in its setup.

You don’t need to integrate with any external identity source.

Please follow the ise guest deployment guide. You can add users internally on ise to use as sponsors


https://community.cisco.com/t5/security-documents/ise-guest-access-deployment-guide/ta-p/3640475
0 Helpful

Go to solution
Greg W
Level 1
Level 1
In response to Jason Kunst

‎10-01-2018 06:21 PM

Just so I'm clear, it will work, just not through the wizard? So I just need to do manual configuration for sponsored guest or self reg on ISE and the WLC, and it should work? I'll walk through the guide in the morning. Thank you for your quick response, Jason!

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to Greg W

‎10-01-2018 06:55 PM

Yes it works. The wizard is just used to quickly setup the flows. Unfortunately the ability to setup without an active directory was not included
0 Helpful

Go to solution
Greg W
Level 1
Level 1
In response to Jason Kunst

‎10-01-2018 06:56 PM

Excellent. Thank you again for your quick response. I owe you a cold one if I get this working tomorrow :)

0 Helpful
Customers Also Viewed These Support Documents