11-19-2018 06:56 AM
I have an environment where we are hosting the MyDevice portal on our external domain but the ISE nodes have names issued by the internal domain which is not resolvable for users outside the domain. When connecting to MyDevice Portal by the FQDN that was inputted there is a brief redirect to the DNS entry of the PSN's actual FQDN. Is there a way to prevent that from happening?
Solved! Go to Solution.
11-20-2018 09:03 AM - edited 11-20-2018 09:11 AM
Are they trying to go to http://mydevices.mycompany.com (not https;//). That is what they would need to do to get the redirect to work properly. Even if they are going to http:// it may still not work quite right because of HSTS support on most browsers and ISE. This will cause the call to automatically go to https:// and hit the Admin cert on the PSN.
Honestly I think you probably have two solutions
11-19-2018 07:12 AM
11-20-2018 08:36 AM - edited 11-20-2018 08:37 AM
That's correct we are hosting for offsite employees and they are unable to access due to the redirect. That is the issue we are trying to correct.
11-20-2018 09:03 AM - edited 11-20-2018 09:11 AM
Are they trying to go to http://mydevices.mycompany.com (not https;//). That is what they would need to do to get the redirect to work properly. Even if they are going to http:// it may still not work quite right because of HSTS support on most browsers and ISE. This will cause the call to automatically go to https:// and hit the Admin cert on the PSN.
Honestly I think you probably have two solutions
11-20-2018 09:19 AM
As I mentioned on my other response HSTS could be getting in your way. If you are using FQDN shortcuts your Admin Cert needs to contain a SAN field for the FQDN shortcut you are using. I just tested on one of my ISE deployments where the Admin Cert and the Portal Cert both have the FQDN shortcut in the cert and I didn't see any reference to FQDN of the ISE PSN in the sequence. I used Firefox Live Headers to track everything.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide