This document explains support for the Apple mini-browser for use in BYOD/Guest Flows using ISE 2.2. ISE has official support for Apple iOS and macOS to use with Guest and BYOD in ISE 2.2 and later. Some of these examples talk about using DNS based ACLs with your REDIRECT_ACL so be sure you WLC supports this.
CSCuv74219CSCus61445 - DNS-based ACL does not work. The bug is fixed 220.127.116.11 and 18.104.22.168 (check other versions as well)
If you want to have seamless flow for guests using mini-browser along with BYOD on the same controller then you can use one of the following options:
8.4 code will allow per WLAN captive portal bypass, see below
Dual SSID flow (open network for guests and employee BYOD), allows open network with mini-browser for guest/byod and then suppressed mini-browser in the BYOD flow
Single SSID BYOD - Use DNS based ACLs for the ACL_BYOD_REDIRECT and add URL captive.apple.com, ACL_GUEST_REDIRECT will redirect everything except for
8.4+ WLC code
You can have Open Guest network with no suppression (captive portal bypass disabled) of mini-browser and Single SSID network for BYOD suppressing (captive portal bypass enabled) the mini-browser.
Since we now support the mini-browser with ISE 2.2 there is no need to enable captive portal bypass on the controller. The client connects to the guest network and the mini-browser will pop and auto-login.
For single SSID there is no change in the behavior as the client is directed to go through the flow once and understand they must launch the browser. You will want to enable captive portal bypass per the options above or use DNS
Hi Guys, I need some help, i am deploying BYOD for andriod and i need to know the ip address for teh google play which should be allowed to download app. I am not able to find out all the ip address which is required. Thanks
Hello everyone, I am happy that I joined this community. I know that this is the best place to learn and help people, but at this moment I need some help because it's very urgent. I have 2 ASA 5505 connected by an interface. The interface is to ...
Hi experts, Doing some research for a customer's project. I found that ISE does not contains any posture remediation actions for Crowdstrike software (please see attachment). I've check both the AntiMalware and AntiVirus remediation options and didn'...
Have a couple of firepower devices in HA , managed by FDM. I'm trying to add a token for smart licensing registration however I can't seem to see or select any option other than 'US region'. This is happening under both the cloud services registration and...
Hi, can anyone help me to how setup a client-to-site vpn on RV345 router, I've tried many ways but no luck. I already went through the Cisco guide for this onhttps://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb...