cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1055
Views
0
Helpful
3
Replies

new-style commands for central web-auth

dgaikwad
Level 5
Level 5

Hi Experts,

Seems that Cisco will be moving to using C3PL more and more. I was going through the following documentation to learn more about new-style of configuration here

This documentation does explain how to get to do this C3PL configuration for dot1x and MAB. I was looking for some more examples on configuring posture and CWA from the switch.

Could anyone please redirect me to some more articles that talk about posture configuration and CWA using this new-style of configurations and use of the new-style commands.

3 Replies 3

Jason Kunst
Cisco Employee
Cisco Employee
Did you see the prescriptive guest guide under http://cs.co/ise-guest

I went through the document, but it still did not answer my question regarding setting up CWA using new-style of commands.

I am looking for such a document that gives pointers to commands of configuring the switch using C3PL for CWA and Dot1x

howon
Cisco Employee
Cisco Employee

CWA is extension of MAB. It authenticates unknown MAC address and simply assigns redirect ACL and URL redirect string values as part of authorization to make webauth work. If you follow the document and configure ISE for CWA, should be enough to get CWA working on the switch with C3PL. It is similar for posture, only difference is posture is leveraging 802.1X instead of MAB to assign redirect ACL and URL redirect string values. Here is link to more recent guide for IBNS 2.0 (C3PL):

https://community.cisco.com/t5/security-documents/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: