cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

637
Views
5
Helpful
2
Replies
hbaytie01
Beginner

Wireless Guest is stuck in Sponsor Guest Portal after he authenticates successfully and browses anything online

Hi,

 

I configured Wireless Guest using Cisco ISE 2.0 Wireless Guest Setup Wizard, everything looks okay regrading the configuration and the user wants he connects to the WLAN he is able to self register his self and gets the password. After he enters the credentials and he typed anything like google.com, he is redirected to the Sponsor guest portal where he is asked to enter the credentials again and again. I saw i similar case but it is was a different setup with WLC (Anchor+Foreign). https://supportforums.cisco.com/t5/aaa-identity-and-nac/looping-authentication-page-after-successful-login-cisco-ise/td-p/2570492 

 

Any Help???

1 ACCEPTED SOLUTION

Accepted Solutions
dacabrer
Cisco Employee

Hi,

 

Two possible scenarios:

 

- ISE is not receiving the CoA-ACK from the WLC; you should be able to confirm this by looking in the RADIUS live logs for a Dynamic Authorization Failure. Port 1700 could be blocked or the CoA feature is not enable in the WLC (or it is just not responding back)

- Policy issue; the Network Access EQUALS Guest Flow then PermitAccess is missing

 

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html

 

Best regards,

 

-dacabrer

View solution in original post

2 REPLIES 2
dacabrer
Cisco Employee

Hi,

 

Two possible scenarios:

 

- ISE is not receiving the CoA-ACK from the WLC; you should be able to confirm this by looking in the RADIUS live logs for a Dynamic Authorization Failure. Port 1700 could be blocked or the CoA feature is not enable in the WLC (or it is just not responding back)

- Policy issue; the Network Access EQUALS Guest Flow then PermitAccess is missing

 

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html

 

Best regards,

 

-dacabrer

View solution in original post

hbaytie01
Beginner

 The CoA feature wasn't enabled in the Radius Server WLC:

 

WLC.png

Content for Community-Ad