Timezones and Locations have always been an annoyance with ISE. ISE 1.3 got rid of some of the issues but also introduced some of its own. One of the main problems was that ISE came with only 1 location configured. This was the San Jose location. If you happened to be setting up the system based in that time zone of your browser timezone then everything worked fine. You created an account via self-registration or the sponsor portal and that account could be used to login to the guest portal.
Now if you were on a machine with another timezone such as Boston, the account wouldn't work because you created the account at 9am locally the timezone you chose was 3 hrs later. The account wouldn't become active until then. From Sponsored specified date guest types only active the account at the specific time.
This also wasn't obvious because if you have only 1 location created then you won't be give the choice to change it. Its only good for the user experience to not show it again if its the timezone you're operating out of. If you have multiple locations then its obvious once you know you have to configure them.
This image shows the choice you make when there are multiple locations configured
Location are configured under Guest Settings and also under the Sponsor Group and Self-registration portals.
From First Login (re-introduced in ISE 2.1, it was available in releases <1.3 as well) activates the account immediately regardless of the timezone (location selection). For most cases it doesn't matter that you're using locations at all since we introduced this capability since the account is ready to go once its created!
There is only a couple instances where you might still need to use locations.
The first is if you need to restrict access based off access times (example: only allow guests to login to portal from 8am to 5pm) under the guest type.
It can also be used to customize messages sent to the guests. For example, a success page or email notification that includes location and other variables. You don’t need to use locations for account creation time if using From First Login guest type but you’re still able to use the locations in notifications for customization.
Welcome Jason to our guest network, you are located in the Boston office, please connect to the guest network on SSID: boston-guest
Email notification example:
Hello $ui_first_name$, Your guest account details: Username: $ui_user_name$ Password: $ui_password$ First Name: $ui_first_name$ Last Name: $ui_last_name$ Valid From: $ui_start_date_time$ Valid To: $ui_end_date_time$
You are in the $ui_location_name$ Office, please connect to wireless network: $ui_ssid$
If you have no need for these options, then you can use From First Login type guests available in ISE 2.1+
So I set the following: debug crypto condition peer 10.10.10.1 debug crypto ikev2 protocol 127debug crypto ikev2 platform 127 However no debugs are displayed on the CLI for IPSEC tunnel negotiations. All configs for tunnel look good a...
I am running v2.2 patch 14.I currently am using the following profiling probes: HTTP, Radius, NMAP, SNMPQuery, AD. I have a total endpoint database of ~41,000 endpoints, with only about 18,000 active. As I go through my contect visibility trying to clean ...
On the Create Account Page the only option I want is to create Random accounts. So need the page to have only Random button, Number of accounts field and create button.From the discussion board, I have been able to remove most except the Username prefix b...
Hi,Hi, Wht cmd used in switch to check the communication with Radius server if the key & IP are correct? Also how to check in ISE? radius server Radius-1-address ipv4 172.30.5.6 auth-port 1812 acct-port 1813-automate-tester username dummy pr...