05-20-2014 04:14 PM - edited 03-10-2019 09:44 PM
Have a situation where we want to just do a simple one time registration of the MAC address after a person successfully authenticates web-auth using LDAP.
It's very similar to guest authentication, but I'm not sure how to customize the another portal for this user group so I don't affect the current guest portal. Is there a better way?
I'm envisioning the following sequence:
1. User tries to log onto wireless for the first time and is redirected to a web page to enter LDAP credentials
2. User successfully authenticates credentials and ISE adds MAC address to a "VALID ENDPOINT" endpoint group
3. Next time user tries to access wireless they are seemlessly connected, but what happens is ISE sees their MAC in the "VALID ENDPOINT" group and MAB's them onto the network.
It looks very similar to the guest portal configuration, but I'm not sure how you tell it to register the MAC with an endpoint group.
Thanks in advance,
Mike
Solved! Go to Solution.
05-22-2014 08:27 AM
You can register device via device registration portal with mac address and it will be added to endpoint group "registereddevice"
05-22-2014 04:35 AM
Its the internal work flow i dont think you can change it ..... any one have any other suggestions do share.
05-22-2014 09:03 AM
That's what I was afraid of. Wasn't sure if there was some way to make a custom workflow.
Thanks.
05-22-2014 08:27 AM
You can register device via device registration portal with mac address and it will be added to endpoint group "registereddevice"
05-22-2014 09:02 AM
Yeah, I was looking at that as the fallback plan. Just wasn't sure if there was someway to adjust the guest portal authentication with some background scripting or something.
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: