cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

344
Views
0
Helpful
2
Replies
Beginner

Catalyst 3850 web redirect to ISE

Hi there,

 

I am not able to configure a guest SSID to automatic redirection to ISE Guest portal after association and first URL navigation. The client associate to the AP but we have to manually enter the URL of the ISE Guest portal for login. Any suggestion?

Config of the SSID is as follows:

wlan Guest 2 Invitado
 aaa-override
 client vlan 50
 no exclusionlist
 ip access-group web REDIRECT
 mac-filtering ISE_CWA
 nac
 no security wpa
 no security wpa akm dot1x
 no security wpa wpa2
 no security wpa wpa2 ciphers aes
 security dot1x authentication-list ISE_DOT1X
 security web-auth parameter-map global
 session-timeout 1800
 no shutdown
!

ip access-list extended REDIRECT
 deny   icmp any any
 deny   udp any any eq bootps
 deny   udp any any eq bootpc
 deny   udp any any eq domain
 deny   ip any host <ISE#1>
 deny   ip any host <ISE#2>
 permit tcp any any eq www
 permit tcp any any eq 443
 permit tcp any any eq 8445

2 REPLIES 2

Hello Jesus,Please check the

Hello Jesus,

Please check the below configuration steps once for ISE Version 1.3 Self Registered Guest Portal Configuration Example.

I think your ACl configuration may not good please look into that as well.

www.cisco.com/c/en/us/support/docs/security/identity-services-engine/118742-configure-ise-00.html

Ex:  deny   ip any host <ISE#1>
 deny   ip any host <ISE#2>

Instead of the Host ISE#1 try to put IP address which is using for that and try.

 deny   ip any host <ISE#1>
 deny   ip any host <ISE#2> - See more at: https://supportforums.cisco.com/discussion/12524221/catalyst-3850-web-redirect-ise#sthash.regcvzRV.dpuf
Highlighted
Cisco Employee

Please refer to the below

Please refer to the below link  for Cisco ISE Guest Services

http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01111.html#concept_CEF01CFF783F4750BD6C46113A45AA05

CreatePlease to create content
Content for Community-Ad

August's Community Spotlight Awards