Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
5
Helpful
4
Replies

Guest authentication in ISE

Go to solution
vijay kumar
Level 2
Level 2

‎07-01-2013 12:02 AM - edited ‎07-04-2021 12:19 AM

Hi All,

We are having two SSID in WLC. We are planning that both SSID users has to get authenticate through ISE by Web auth .

One SSID users will get authenticate via guest accounts created by sponsor. Another SSID need to get authenticate by AD user group.

So , in ISE if it is possible to ceate two seperate rules for the SSID's?

Thanks!

TS.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
mmangat
Level 1
Level 1

‎07-01-2013 12:42 AM

Hello,

Please have a look at this short cisco doc that shows ISE Policies Based  on SSID Configuration Examples.

http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bed902.shtml

View solution in original post

Go to solution
Amjad Abdullah
VIP Alumni
VIP Alumni

‎07-01-2013 01:18 AM

Hi Vijay,

I am not an ISE guy, but from my understanding to the concept of the policy model on which the ISE is based I can say "yes. It is possible".

You need to create two different identity sources based on which SSID the user is connecting.

If a user is connecting to SSID1 then check credentials locally.

If a user is connecting to SSID2 then check credentials on AD.

HTH

Amjad

p.s: the term "identity source" is from Cisco ACS 5.x. in ISE you may have same or different name but with same concept.

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

0 Helpful
4 Replies 4

Go to solution
mmangat
Level 1
Level 1

‎07-01-2013 12:42 AM

Hello,

Please have a look at this short cisco doc that shows ISE Policies Based  on SSID Configuration Examples.

http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bed902.shtml

Go to solution
Amjad Abdullah
VIP Alumni
VIP Alumni
In response to mmangat

‎07-01-2013 01:22 AM

Mantej,

Very useful doc. +5.

Vijay: Mantej doc provided shows two different methods to achive your goal. It should be what you are exactly looking for.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful

Go to solution
vijay kumar
Level 2
Level 2
In response to mmangat

‎07-01-2013 01:44 AM

Thanks a lot mantej.

0 Helpful

Go to solution
Amjad Abdullah
VIP Alumni
VIP Alumni

‎07-01-2013 01:18 AM

Hi Vijay,

I am not an ISE guy, but from my understanding to the concept of the policy model on which the ISE is based I can say "yes. It is possible".

You need to create two different identity sources based on which SSID the user is connecting.

If a user is connecting to SSID1 then check credentials locally.

If a user is connecting to SSID2 then check credentials on AD.

HTH

Amjad

p.s: the term "identity source" is from Cisco ACS 5.x. in ISE you may have same or different name but with same concept.

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card