Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
373
Views
0
Helpful
4
Replies

ISE1.2 MAC registration after LDAP web-auth

Go to solution
manglen32
Level 1
Level 1

‎05-20-2014 04:14 PM - edited ‎03-10-2019 09:44 PM

Have a situation where we want to just do a simple one time registration of the MAC address after a person successfully authenticates web-auth using  LDAP.

 

It's very similar to guest authentication, but I'm not sure how to customize the another portal for this user group so I don't affect the current guest portal.  Is there a better way?

 

I'm envisioning the following sequence:

1. User tries to log onto wireless for the first time and is redirected to a web page to enter LDAP credentials

2. User successfully authenticates credentials and ISE adds MAC address to a "VALID ENDPOINT" endpoint group

3. Next time user tries to access wireless they are seemlessly connected, but what happens is ISE sees their MAC in the "VALID ENDPOINT" group and MAB's them onto the network.

 

It looks very similar to the guest portal configuration, but I'm not sure how you tell it to register the MAC with an endpoint group.

Thanks in advance,

Mike

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎05-22-2014 08:27 AM

You can register device via device registration portal with mac address and it  will be added to endpoint group "registereddevice"

View solution in original post

0 Helpful
4 Replies 4

Go to solution
kaaftab
Level 4
Level 4

‎05-22-2014 04:35 AM

Its the internal work flow i dont think you can change it ..... any one have any other suggestions do share.

0 Helpful

Go to solution
manglen32
Level 1
Level 1
In response to kaaftab

‎05-22-2014 09:03 AM

That's what I was afraid of.  Wasn't sure if there was some way to make a custom workflow.

 

Thanks.

0 Helpful

Go to solution
Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎05-22-2014 08:27 AM

You can register device via device registration portal with mac address and it  will be added to endpoint group "registereddevice"

0 Helpful

Go to solution
manglen32
Level 1
Level 1
In response to Venkatesh Attuluri

‎05-22-2014 09:02 AM

Yeah, I was looking at that as the fallback plan.  Just wasn't sure if there was someway to adjust the guest portal authentication with some background scripting or something.

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents