05-06-2019 09:50 AM
Hello, I'm currently redirecting the guest users to a hotspot portal and that's working just fine. Once they disconnect and attempt to re-connect they're not being redirected to the portal anymore. How can I configure ISE to redirect the guest users everytime they connect to the guest wireless. I guess what I'm asking is if there's a way to purge the guest account automatically everytime they disconnect from the wireless.
Solved! Go to Solution.
05-14-2019 09:09 AM
I ended up creating a purging policy that purges endpoints every 8 hours which is the minimum. This is working fine. Thanks for all your inputs.
05-06-2019 10:29 AM - edited 05-06-2019 10:29 AM
Closest option is to use 'Endpoints: LastAUPAcceptanceHourse' condition to force them to accept AUP at set interval.
05-06-2019 10:46 AM
05-07-2019 04:50 AM - edited 05-07-2019 04:51 AM
Is it possible to share the policy screenshot?
05-07-2019 06:20 AM
05-07-2019 07:08 AM
1. Redirection policy with conditions as wireless mab & SSID name -> redirects to the guest portal.
2. Guest access policy with the condition as Network access: UseCase equals to Guest Flow -> Guest Access
Similar to this one.
05-07-2019 07:24 AM
05-07-2019 07:31 AM
Thanks Jason, so the period can't be less than 24 hours? I went through this doc and it says I can set the minimum to be 1 hour.
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/TECSEC-3672.pdf
Will my authz policy work the way it's created to prompt the guest for the AUP if they haven't accepted it in the last hour?
05-07-2019 08:07 AM
@NETAD wrote:
Thanks Jason, so the period can't be less than 24 hours? I went through this doc and it says I can set the minimum to be 1 hour.
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2016/pdf/TECSEC-3672.pdf
Will my authz policy work the way it's created to prompt the guest for the AUP if they haven't accepted it in the last hour?
Its showcasing a time range, saying < 24 hrs then dont prompt. The minimum time is 1 hour. The admin guide needs to be fixed. Why are you wanting to accept every time, this is going to be awful for user everytime they sleep their mobile device..
05-11-2019 05:31 PM
Another way might be to use the regular guest portal with username and password, rather than hotspot. I believe there a way to pre-filll the credentials, if needed.
Also, if CoA Reauthenticate selected as the CoA type in a hotspot portal, we might be able to use some attributes, such as GuestFlow as proposed by Aravind Ravichandran, to authorize the endpoints with proper access.
05-14-2019 09:09 AM
I ended up creating a purging policy that purges endpoints every 8 hours which is the minimum. This is working fine. Thanks for all your inputs.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: