08-30-2012 01:00 AM - edited 03-10-2019 07:28 PM
Hi all,
Does anyone implements Cisco ISE with the proxy like Bluecoat ?
After the users authentication and authorization are accepted, mean that they are ready to WWW. but they still need to authenticate with Bluecoat again to access the internet.
Any ideas for this style ?
Thanks,
Pongsatorn
08-30-2012 06:23 AM
It is going to depend on the supplicant you use and the device type. What kind of device are you trying to use and what is the supplicant? There are some issues with mobile devices and proxies specifically with bypass lists.
Sent from Cisco Technical Support iPad App
08-30-2012 09:36 AM
HI,
Does the blue coat support anything such as transparent proxy? Ironport does this in a way that when it is integrated with Active Directory it can find the user to ip mapping and set the condition on the fly without redirecting users for authentication.
https://kb.bluecoat.com/index?page=content&id=KB4799
Thanks,
Tarik Admani
*Please rate helpful posts*
09-14-2012 02:11 AM
Tarik,
You mean that if the bluecoat supports the transparent proxy and it able to integrate with LDAP or Active Directory. It will work for this scenario, right ?
Does Bluecoat and Cisco ISE need to join on the same Active Directory to perform this scenario ?
Thanks for your guy response.
Pongsatorn M.
09-14-2012 02:19 AM
Did you mean PAC file for proxy ?
Pongsatorn M.
09-14-2012 05:35 AM
PAC file is needed for iOS devices as there isn't an option for a bypass list. But on the Android devices you can't point to the PAC file but you can put in a bypass list.
11-10-2015 07:56 AM
Hi, did you ever get this to work?
We use BC in tranparent mode, so all AD traffic will authenticate no problem. We are looking to authetnciate users created by ISE guest, I nkow can be done with Ironport, just wondered if you got round this?
cheers
03-08-2016 11:16 PM
Hi Craig,
i wonder how you control the users thru BC who authenticated by ISE, in our scenario the wireless users authenticated against ISE and we set "do not authenticate option" in BC for the same users but in this case we unable to apply BC policies/Rules, if we enable authentication in BC then users need to provide credential two times, isn't it?
regards,
- Moin -
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide