Use Case 1: Meraki LWA (Local Web Authentication) integrated with ISE.
Meraki now supports ISE CWA flow. This should be used, otherwise LWA can still be used. As of May 2016 Meraki doesn't support ISE portal when the guest network is in a DMZ and needs to be tunneled back to MX (L3 Tunnel). Meraki hosts the splash page that authenticates against the ISE guest database. Meraki doesn't have a self-registration portal. You can setup a link on the Meraki Splash to the ISE self-registration portal so the user can create an account. There is no way to link directly to the Don't have an account function so the script below will redirect the browser automatically.
To embed a link to ISE self-reg portal from Meraki, see the entry at the end of this post
Use Case 2: Central Kiosk to perform self-registration
Setup a machine with web browser in a lobby where the user can come in and register and print an account for themselves. This is a secure way to prevent people outside of the building from registering. You don't have to worry about them being emailed or texted the credentials as they can prevent for themselves. You can have 1 portal allowing self-registration, this would be used for the kiosk. The portal that the user is redirected to when connecting to wireless or wired network wouldn't have the option for self-registration (allow user to create their own account). The link on the browser would go to the main portal test URL and then it would be auto-redirected to the registration page.
Use Case 3: Customer says most of their visits to the portal page are to create an account so they want to bypass initial login.
When a user is first redirected to the ISE portal they go right to the self-reg flow to create an account and automatically login (option in the portal page flow under self-reg success page). They can also be notified of their credentials to use later on via email or SMS. When they visit the page again the script won't redirect them.
Here we are having JS push the link upon page entry to the Login page so that you immediately redirect to the Self-Reg page. But if you hit Cancel on that page you will be sent back to the Login page (you already have an account) then it won't redirect.
This code is placed in the Optional Content 2 area of the Login page when under the HTML editor (far right on the actions bar):
The following code will redirect to self-reg when you first visit the login page. After that if you click cancel on self reg page or or return back to the login page after completing registration it will no longer redirect you.
We created rules to block inbound and outbound traffic using a geolocation object. Both rules were at the top of the ACP, and were basically inverse of each other. The rules were set up as follows:----------------------------------------------------------...
Hi all, I have an ASA 5525x with PC-A on the INSIDE network with IP address 10.20.32.40. PC-B is in DMZ with an IP address of 10.20.30.10. The security level for INSIDE is 100 and DMZ is 50. I have rules to allow PC-A to communicate with...
Something change on the incoming mail policy.We want to change the configuration of the anti-spam policy for positive spam- from deliver to quarantine , but the option is not exist ,I can only choose - deliver ,drop ,bounce.Can any body explai...
Hello, We have certain teams that have very limited ISE GUI permissions for both Menu and Data. The purpose is to give them as simple an interface as possible but enable them to add/edit/delete endpoints that will have access to their specific networ...
Hello Everyone, I am working in an organization and want to create a server for Virtualization, i really do not have so much knowledge about the servers and know anything about Server Virtualization. Please help how what to look for in servers for virtual...