Hello. I need help. Right now I have a cisco WLC working with ISE. Right now users using mobile/laptop when they want to authenticate, they just need to input their username and password after clicking the SSID (using 802.1x authentication). Now, my client ask me to make changes. 1. Authentication will be going through a web/captive portal. Sounds simple enough. 2. Each user will be limited on what they can access. This is the problem. What I'm thinking is, I make a dACL on ISE and attach it to the user as a custom parameters. Is that possible without the client having to install any programs? From my experience, I've made this one but for VPN and the client has to use a client program in their laptop to login. My question is, can I implement this in standard wireless setup as well, but without a client program for the mobile phone/laptop/tablet? Aside from that, is there any other solution? I've read I can also create ACLs in WLC but I never done that before. Thank you in advance.
... View more