Timezones and Locations have always been an annoyance with ISE. ISE 1.3 got rid of some of the issues but also introduced some of its own. One of the main problems was that ISE came with only 1 location configured. This was the San Jose location. If you happened to be setting up the system based in that time zone of your browser timezone then everything worked fine. You created an account via self-registration or the sponsor portal and that account could be used to login to the guest portal.
Now if you were on a machine with another timezone such as Boston, the account wouldn't work because you created the account at 9am locally the timezone you chose was 3 hrs later. The account wouldn't become active until then. From Sponsored specified date guest types only active the account at the specific time.
This also wasn't obvious because if you have only 1 location created then you won't be give the choice to change it. Its only good for the user experience to not show it again if its the timezone you're operating out of. If you have multiple locations then its obvious once you know you have to configure them.
This image shows the choice you make when there are multiple locations configured
Location are configured under Guest Settings and also under the Sponsor Group and Self-registration portals.
From First Login (re-introduced in ISE 2.1, it was available in releases <1.3 as well) activates the account immediately regardless of the timezone (location selection). For most cases it doesn't matter that you're using locations at all since we introduced this capability since the account is ready to go once its created!
There is only a couple instances where you might still need to use locations.
The first is if you need to restrict access based off access times (example: only allow guests to login to portal from 8am to 5pm) under the guest type.
It can also be used to customize messages sent to the guests. For example, a success page or email notification that includes location and other variables. You don’t need to use locations for account creation time if using From First Login guest type but you’re still able to use the locations in notifications for customization.
Welcome Jason to our guest network, you are located in the Boston office, please connect to the guest network on SSID: boston-guest
Email notification example:
Hello $ui_first_name$, Your guest account details: Username: $ui_user_name$ Password: $ui_password$ First Name: $ui_first_name$ Last Name: $ui_last_name$ Valid From: $ui_start_date_time$ Valid To: $ui_end_date_time$
You are in the $ui_location_name$ Office, please connect to wireless network: $ui_ssid$
If you have no need for these options, then you can use From First Login type guests available in ISE 2.1+
Hello TogetherPlease i will open for LAN "Inside" the SSH Port. try with this commands but no postive result appair "Connection redused"i know iam on the right way, please and thanks for any Update:asa(config)# crypto key generate rsa general-keys modulus...
Hi all !I'm capturing Audit logs from FMC using tcpdump, but unfortunately I do not see any access policy changes in the logs : \I do get other logs like saving the configs etc, but when I edit the policy and add/remove/edit a rule , I get nothing on the ...
I am about to uprade two FTD 4110 FXOS. The first upgrade has been succeced on the Secondary and then I tried do run the same steps on the primery FTD. I has been runing upgrade in more than 2 hours on the primery FTD now and I am soure that some thing is...
Hello Community I'm following the doc https://www.cisco.com/c/dam/en/us/td/docs/security/content_security/virtual_appliances/Cisco_Content_Security_Virtual_Appliance_Install_Guide.pdf we have 3 interfaces for the virtual appliance. During c...