cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
284
Views
0
Helpful
3
Replies
Highlighted
Beginner

ISE Guest Portal and one more SSID using internal accounts

Hi Guys,

I have two SSIDs on WLC, the first is related with ISE Guest Portal and the second is related with employee but i realize that the

Guest user can access the employee SSID and employee accounts can access the Guest portal page.

I guess this is happen because i cannot split these databases under "Internal Users" on Authentication Policy.

How can i restrict the access even if i am using the internal databse?

thanks a lot

3 REPLIES 3
Beginner

ISE Guest Portal and one more SSID using internal accounts

Folks,

i could get restrictions using the Authorization profile, where i put the condition using the Guest identity and the Wlan ID will get the deny access restriction.

If anyone has a different way to apply, please let me know!

thanks

Beginner

ISE Guest Portal and one more SSID using internal accounts

using the Authorization policy is the right way.  Match the corp ID store to the corp WLAN SSID ID in the AuthZ policy, for example (where Employee is your corp ID store and yyyy is the name of your corp SSID):

ISE Guest Portal and one more SSID using internal accounts

you can also make @ one group user for guest and employee and define it to match the policy for them in authZ policy...