Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1109
Views
0
Helpful
0
Replies

Cisco ISE Guest Portal behind Reverse Proxy

GoncaloContente
Level 1
Level 1

‎03-17-2020 05:14 AM - edited ‎03-17-2020 06:15 AM

Hi,

 

I have been assigned with the task of assessing if its possible to have a ISE guest portal behind a reverse proxy. Our Cisco ISE is configured with an authorization policy to redirect guest users to the guest portal when they connect to the WiFi network. The policy has the following attributes:

 

cisco-av-pair = url-redirect-acl=ACL_WEB_REDIRECT, cisco-av-pair = url-redirect=https://<PSN1_IP>:port/portal/gateway?sessionId=SessionIdValue&portal=2c8ae510-3b51-11e8-b669-000c29f023f5&action=cwa

 

From what i understand i can configure the url-redirect value with the URL of my reverse proxy. However since the ISE guest portal has a session ID value i wonder what information from the client Cisco ISE needs to establish a session ID (maybe IP address or username ??) ?

 

As anyone deployed Cisco ISE Guest portal behind reverse proxy? if so, what problems did you encounter? Did the reverse proxy required a special conf to make it work?

 

TIA

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents