Solved: Sending SMS with GUEST credentials, via POST method

rafaelsalvinos · ‎09-29-2023

Hey guys,

I am configuring Cisco ISE in my environment, to send SMS to new users registered in the captive Portal.

I checked some forums here in the community and found the sending method only through the Simple HTTP method. The problem is that my SMS Provider does not provide this sending method, but only the sending method via POST, which in cURL would look like this:

curl --request POST \
--url h t t p s: / / s m s . X X X X X . c o m . b r / a p i / v 2 / s e n d \
--header 'auth-key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX' \
--header 'content-type: application/json' \
--data '{"Sender":"sender_id","Receivers":"phone_number","Content":"message"}'

I would like to know how I can make this call at ISE, so that the access credentials are forwarded to the registered visitor's number.

thomas · ‎09-29-2023

ISE does not currently support SMS messaging with HTTP POST custom authentication headers - only HTTP URL encoding and HTTP POST data content.

Please submit a feature enhancement request @ https://cs.co/ise-wish

View solution in original post

thomas · ‎09-29-2023

I suspect that ISE may not trust the digital certificate of the SMS provider you are contacting.

You will want to ensure the certificate authority for your SMS provider's server is in the ISE Trusted Certificates store (Administration > System > Certificates > Trusted Certificates).

View solution in original post

thomas · ‎09-29-2023

ISE does not currently support SMS messaging with HTTP POST custom authentication headers - only HTTP URL encoding and HTTP POST data content.

Please submit a feature enhancement request @ https://cs.co/ise-wish

rafaelsalvinos · ‎09-29-2023

Hi Thomas,

Thanks for the info.

I changed it and started sending all parameters via simple HTTP. I did the test directly from my notebook and successfully received the SMS.

I did the same test from ISE, using the option:
Work Centers -> Guest Access -> Portals and Components -> Guest Portals -> Self-Registered Guest Portal (default) -> Portal Page Customization

I selected my SMS Gateway and clicked send. I got the following error:

I received the following error message in response:

thomas · ‎09-29-2023

I suspect that ISE may not trust the digital certificate of the SMS provider you are contacting.

You will want to ensure the certificate authority for your SMS provider's server is in the ISE Trusted Certificates store (Administration > System > Certificates > Trusted Certificates).

rafaelsalvinos · ‎09-30-2023

Hi Tomas,

Thank you very much for your tip. I corrected the issue of trust in the certificate, took the test and the SMS was sent.

I now have a small problem, I added the SMS Gateway (INFOBIP) in ISE.

Within the ISE Portal & Components option, I selected only the INFOBIP SMS Gateway and unchecked the Global Default option, which was checked.

The problem is that the sponsor portal ignores the SMS Gateway option that I enabled, which in this case is INFOBIP and is only considering the Global Default option.

For my test to work, I needed to change the Global Default SMS Gateway URL.

Could you tell me where else I need to change so that ISE only considers the INFOBIP SMS Gateway option, which is the one I'm using?

Sponsor portal:

Fernando Magnus · ‎07-23-2024

Hello Rafael,

You mentioned that you changed the method and are now sending all parameters via plain HTTP. Could you share more details on how you did that?

I have the exact same need. My SMS provider gave me the method via POST, with cURL exactly like yours.

rafaelsalvinos · ‎07-26-2024

Hello Fernando,

In my case, the SMS gateway is INFOBIP. I am sending the parameters on ISE as follows:

https://api.infobip.com/sms/1/text/query?username=<USERNAME>&password=<PASSWORD>&to=$mobilenumber$&text=$message$

Note: Replace username and password with the ones you registered with the provider.

Fernando Magnus · ‎07-26-2024

Tranks for responding.

Was it no longer necessary to use the auth-key in the header?

Edit:

After a few hours I got it working. Thanks anyway.