Hello,

Any help on this one?

I am testing Redirect URL/ACL from ISE to the WLCv for open guest portal access, so the user is authenticated on the portal.

The user is able to connect to the wireless network, receives IP from DHCP server, but is not redirected to the Portal.

Checking the Radius Live logs on ISE for the user connected, I see ISE sends the Av Pairs for Redirect ACL and Redirect URL to the WLCv, so I think ISE is working good, but on WLCv logs for the connected user (Monitor tab, Security Information Section, I see the field for "Redirect URL" correctly populated with the Redirect URL string sent from ISE (which is good), but the field for the redirect ACL is empty (AAA Override ACL Name). I think this field should show the name of the redirect ACL configured on the WLCv and not empty.

Looks like WLCv could be missing something?

Sending some screen shots from ISE and WLCv. Appreciate any help.

On ISE Live radius log detail I see the wireless user is successfuly connected, and the ISE sends the AV Pairs for ACL Redirect name, and Redirect URL.

On WLCv, the client connected entry on Monitor Tab, the Field "AAA Override ACL" is empty (I should see here the  redirect ACL name, but is not showing). The Field "Redirect URL" is showing  the URL from ISE which is good.

On WLCv, the Redirect ACL "ACL-WEBAUTH-REDIRECT" is configured, and is matching by name the one configured on ISE Authorization profile for this redirection.

ISE config for the Policy set WIRELESS, Authz policy rule "Default" have the Authorization profile "Guest_Redirect" where the redirect ACL name is configured for CWA.

Thanks,

Carlos.