Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello!For a customer, i'd like to configure two captive portals respectively tied to two SSID (different usage).
However, i'd like Guest Type to be tied to one of the captive portal/SSID, basically : - GuestType "A" can only authenticate to GuestPort...
Hello guys,Quick question about DNA Center 1.3.1.5. Is there any possibility to have a view on the scheduled task (Provision, SWIM, ..) and maybe stop the schedule if required? Even a API call to perform this?This look strange to not have this integr...
Hello guys,I'm planning to do an upgrade of a pair of 6880X in VSS (no IA) with a major gap between releases : 15.1(2) to 15.4(1).
I understand that ISSU process is not possible, so do you know any other way of doing the upgrade to limit the network ...
Hello there!I have a question regarding upgrade path on Cisco ASA 5555.I have an two ASA 5555 in Active/Standby running version 9.1(5) and I would like to upgrade them to 9.4(2), so I took a look at this document : http://www.cisco.com/c/en/us/td/doc...
Hello guys,I'm working on a routing lab to set up PBR between two sites with line protocol and ip sla tracking.What I like to do exactly, is to track the status of an interface (a loopback interface that is used just to force a path instead of anothe...
dACL is not a thing as SSID are mapped to different subnets. Once the Guest is authenticated, I just send an Access-Accept without any other attributes."Even if all SSID guest mac in one internal identity store' still when guest re-auth ISE can match...
Yes, review the thread/printscreen. And this is something that is usual to do that for "Permanent Guest" that's why i'm mentionning it (i.e : https://documentation.meraki.com/MR/Encryption_and_Authentication/CWA_-_Central_Web_Authentication_with_Cisc...
To clarify my statement : I'm not 100% sure we can match on the User Identity Groups instead of Endpoint Identity Group in authz conditions. As the RADIUS authentication is MAC based, the lookup should be performed on the Internal Endpoints identity ...
You cannot checks on these conditions are for CWA you perform Host Lookup type of authentication. ISE performs the authentication process on the guest portal "internally", it doesn't go through the RADIUS Policy Sets for this. Only Endpoint ID Groups...
