cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1388
Views
0
Helpful
5
Replies

ISE 1.3 CWA redirect and CoA issue

Andre Neethling
Level 4
Level 4

Hi All. I am experiencing an issue with CWA redirection not working. But when I enter the address of the Guest portal, I can successfully authenticate. However, no CoA is happening to activate the post auth Authorization Policy. I have attached some config screenshots for review. Any assistance will be appreciated.

 

EDIT: WLC code-7.4.121.0 and ISE code-1.3.0.876

 

5 Replies 5

Venkatesh Attuluri
Cisco Employee
Cisco Employee

can you attach screenshot of OPERATIONS -> AUTHENTICATION -> DETAIL and ACL on WLC  and is  URL redirection portion of the ACL have been  applied  to the session ?

 

HI. Thanks for your response. I have posted the Operations--->authentication. It is the authlog.jpg above. See attached the ACL and the Authentications detail. I have also added the Screen shot after portal authentication success. There is no CoA. Any help will be appreciated.

Regards

Andre

 

 

Hi Andre,

On your WLC(s) under:  Security -> AAA -> RADIUS -> Authentication

For each of your ISE PSN's do you have 'Support for RFC 3576' set to 'Enabled'?

 

I had this same problem this morning.

cheers,

Seb.

Hi Seb. Thanks for your reply.  I have support for RFC3576 enabled on both PSN.

Good day All. Thanks for your responses. I managed to eventually resolve the problem. The applied "Airspace ACLs" were not allowing the return DNS traffic. Once I corrected this. All is working. CoA, CWA redirect, Authorization policies are applying correctly.

 

Thanks again.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: