Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello Team,
I have the following question:
Imagine you have 2 interfaces on ISE:
fqdn ise.private.com
G0 - 1.1.1.1
G1 - 2.2.2.2
ip host 2.2.2.2 ise.public.com
How ISE determines which FQDN to send back to NAD if both checkboxes are checked in...
Hello Team, Jason,I have the following question on ISE 2.1 p3Let's say we have the LDAP group "A" with all users, LDAP group "B" with user Bob. User Bob is also member of group A, since this group contains all users.Sponsor Group ALL_ACCOUNTS has map...
Guest & BYOD Device Registration only (no supplicant or certificate provisioning)Today I saw interesting Guest/BYOD use case, any idea how we can overcome it?Problem:Customer wants to use single guest portal for guests and employees. He wants to plac...
Hi Jason,
Thanks for looking into it. The link you shared is about static redirect. The question I am looking into is rather about how the feature is designed, could you check what is the trigger for the fqdn of the portal to be returned?
Hello Viktor,Thanks for you reply, fact that no one complained does mean, there it works for everyone, right? Anyway together with Jason we found the way how using one portal leverage 2 different identity groups for guests vs employees, having good u...
Hi Jason,The option with the rules was proposed to the customer, but it is again bad user experience, you will have 2 redirects, which is not nice.I tried disabling client provisioning as well - you will have different error.Allow employees to choose...
Hi Jason,Thanks for looking into it.It is global, everyone who connects to this SSID should end up in endpoints identity group. "Registered Devices" for employees vs "Whatever configured Group" for Guests.Thanks.
Hello,Basic PAT will look like:object network internal_net subnet 10.1.1.0 255.255.255.0!object network internal_netnat (inside,outside) dynamic interfaceWhere internal_net is your LANBest Regards,Eugene
