cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
configure & troubleshoot anyconnect
485
Views
0
Helpful
0
Replies
Highlighted

ISE1.4 CWA URL Public IP - WLC (Anchor/Foreigner) communication to PSN

Dear,
Scenario is as attached.


Guest gets public DNS which resolves CWA redirect URL into a public IP.
Guest cannot talk to PSN at PSN's private IP address.
WLC management interface can communicate with PSN's private IP address only.

 

I want to know,
1- If Guest can reach PSN CWA redirect URL using public IP address through internet; CWA should work, isn't it?
2- When foreign WLC communicates with ISE for radius authentication of anchored WLAN, which IP address does it use? (Management interface, Yes? & still Guest network should be able to reach PSN CWA redirect URL public IP address? Is it correct)


3-
A- If guest PC resolves PSN CWA redirect URL into a public IP; CWA redirect ACL on WLC should have ACE that permits traffic to PSN public IP & not the private IP address?
B- Is it valid for both type of WLCs? Anchor (in internet DMZ like Guest) and foreigner?

 

Thanks.

Everyone's tags (4)