Cisco Identity Services Engine (ISE) provides the ability for a guest user to create an account using the Self-Registered Guest Portal. Newly created guest account credentials can be sent to the user via SMS or Email (or both). This guide provides the steps required to use the Twilio SMS service to send SMS to guest users. Twilio uses the HTTPS POST method to receive API calls to send messages.
1) Sign up for a Twilio account at Twilio | Try Twilio Free. You would need to verify your phone number for successful account creation. This is an important security step that is mandatory to trying Twilio.
2) Navigate to Home > Account > Account Settings to see your Live and Test credentials. Each of these will have an Account SID and Auth Token. These will translate to your HTTPS Username and Password on ISE SMS gateway settings.
1) Upload the HTTPS CA certificate for the Twilio API URL (https://api.twilio.com) to allow ISE to have trusted communication. Twilio uses an SSL certificate issued by Thawte. Only the Thawte intermediate certificate (thawte SSL CA - G2) needs to be uploaded on to ISE as it should already have the Thawte Root CA certificate. The uploaded certificate is shown below (box checked).
2) Create an SMS Gateway at with the following Administration > Settings > SMS Gateway Provider List using the below settings.
4) Once the Guests registers on the portal page, they should receive a message from the Twilio number. During registration, the Guest should add the entire E.164 format (+1xxxxxxxxx or 1xxxxxxxxxx for US numbers) of the phone number as ISE automatically adds the To Number into the POST request.
A sample message is seen below. Twilio adds "Sent from your Twilio trial account" for a trial number.
From=%2B19514452481&To=%2B15677053635&Body="testmessage 3 from Harish to phone using Twillio !!!
Upload Twillio certificate ( the entire certificate chain ) to ISE trusted certificates Trust store ( ISE certificate Trust Store will already contain he Thawte issued root certificate )
The “From” phone number is URL encoded for e.g. %2B19148765678 to represent +19148765678
The “To” phone number when entered from an ISE portal such as Self-Registration Portal can be entered either as 19199056778 or with the preceding + (the E.164 number format) for e.g. +19199056778. The To phone number must not be entered as a URL encoded value.
12/3/2019 - To add information to keep this fresh @awatson20 found out that Twilio made a change to the certificate required. Had to export this cert, then import into ISE. Now this is working.
On August 20, 2018 at 9:45 AM Pacific, we updated our REST API's root certificate from Thawte Primary Root CA to DigiCert Global Root CA (this change was announced in June). If the errors you're seeing started on or after August 20, your system does not have our new root certificate installed in its local trust store. This can happen if you have pinned our old certificate, or if your local certificate bundle is out of date.
Hi,Good day I was trying to set-up Cisco ESA C390 in one our data center but I'm having issues establishing connections to external and public mail servers. Below is the error when I tested SMTP ping via CLI: Starting SMTP test of host alt1.gmai...
Hi All I would like to know if the firepower 4100 setup in Active-Passive, so if the uplink switch in VSS, combine 2x 40G uplink to the Firepower pair. QuesionFirepower Active-Passive setup, what would the real time interface bandwidth would be ...