
Wired with machine authentication AND captive portal web page using RSA

arnert
Level 1

Government networks quickly have to adopt 800-171 standards for multifactor access to a LAN. Is it possible to use machine authentication on a NAD AND Captive Portal (web auth) using ISE and the standard RSA SDI proxy? If it takes turning an L2 switch into a router on a stick, that is doable. If you need a secondary Captive Portal from a Cisco device, that is doable also. Please advise. These standards are to be in effect by 2018.

3 Replies

arnert
Level 1

This is an immediate need for Cisco shops across government and contractor networks.

arnert
Level 1

Just to add, AnyConnect supplicants are available but are not the preferred method to handle the redirect or re-auth. Basic Machine Auth and SDI web integration is what we are looking for. Any input is appreciated. Thanks!

Take a look at the following video for a general overview that will probably help you with the requirement. You can also configure the AUTHZ policies if you want webauth after machine authentication.

https://www.youtube.com/watch?v=bjH99xKepLY

Please also check the MAR aging time mentioned in the following post:

https://supportforums.cisco.com/t5/aaa-identity-and-nac/ise-2-1-mar-aging-time-eap-tls/td-p/3209628