ISE Guest Authentication using WLC

danielnunes · ‎06-13-2013

Folks,

i am using the guest portal on ISE and WLC and i saw that all papers and guides are requesting that you need to use the Authentication (Web Policy) under Layer 3 security WLAN but for me just using the Passtrough option works fine, when i use the Passthrough option the guest cannot authenticate and the Auth Guest page still requesting me the credentials.

Thanks a lot

Richard Atkin · ‎06-14-2013

Please DO NOT use the WebAuth Config in the WLC, it doesn't work properly. Your best bet is to review the TrustSec 2.1 guide... It will show you how to do MAB and CWA to achieve your goal.

Richard.

Sent from Cisco Technical Support iPad App

Nicholas Poole · ‎06-14-2013

Not all docs say use web policy as L3, only the docs that are about how to setup L3 Web Auth are. Docs are normally written for a specific example in mind. Depending on what your own policy and circumstances are you might need to use LWA, L3 external Web Auth, or maybe just L2 MAC filtering for CWA.

danielnunes · ‎06-14-2013

Guys, thanks for that responses, i ll check all this things.

If someone has a example or a good paper about CWA and MAD please post it to me.

Thanks a lot

Nicholas Poole · ‎06-14-2013

what controller model and what software are you running?

danielnunes · ‎06-15-2013

I've checked and i am running 7.0 version, i saw on the Trust Sec 2.1 que i can not configure WLC usng the CWA, just under 7.2 or later.

this way i need still using web redirect on WLC.

thanks a lot

myanuary · ‎06-24-2013

you can use LWA, but you must be carefull using WLC, it can't redirect HTTPS traffic due to bugs

https://tools.cisco.com/bugsearch/bug/CSCar04580

and i think there is still problem about certificate with LWA, so sometimes need to disable secure-web web-auth...

manjeets · ‎06-27-2013

Please find the attachment,