Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1230
Views
0
Helpful
5
Replies

Web Passthrough with ISE for guest wireless? (only email address is needed to join the network)

sysmalainen
Level 1
Level 1

‎04-22-2015 01:30 AM - edited ‎07-05-2021 02:59 AM

Hi all,

Is it possible to configure "Web Passthrough mode" with email Input for wireless guest network with ISE? So the users would only be prompted for their e-mail address when attempting to connect to the network and no authentication what so ever would be needed.

 

Many thanks

 

Labels:
0 Helpful
5 Replies 5

abwahid
Level 4
Level 4

‎05-28-2015 01:00 AM

Hi,

I don't think so, we have this type of feature in ISE uptill now

0 Helpful

jacob
Level 1
Level 1

‎04-27-2016 04:36 PM

On the WLC it's easy out of the box, right?  Just WLAN > Security > Layer 3 > Web Policy > Passthrough and there is a nice little checkbox for "email input" 

But for ISE you can set up a Self-Registered Guest portal (Guests can also create their own accounts, which you can configure as auto-approved) these accounts will have names and passwords and email addresses!

http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01111.html#ID32

Hope that helps!

Majorbacon

0 Helpful

mohanak
Cisco Employee
Cisco Employee

‎04-27-2016 07:52 PM

Web Passthrough

This is a variation of the internal web authentication. It displays a page with a warning or an alert statement, but does not prompt for credentials. The user should click ok. You can enable email input, and the user can enter their email address, which becomes their username. When the user is connected, check your active clients list; that user is listed with the email address they entered as the username. For more information, refer to the Wireless LAN Controller Web Passthrough Configuration Example.

0 Helpful

jacob
Level 1
Level 1
In response to mohanak

‎04-28-2016 07:24 AM

Great reference link Mohanak!  The original question was if this could be done centrally using ISE instead of locally on the WLC. Any thoughts on that?

0 Helpful

ali aqrabawi
Level 3
Level 3

‎04-28-2016 08:56 AM

to answer your question we need to know what is the role of the ISE will be ? 

will the ISE be acting as NAC server like in CWA ? or it will only act as web server and radius server ? .

if the ISE will act as NAC , then ask your question here :

https://supportforums.cisco.com/community/5936/aaa-identity-and-nac

if it will be webserver/radius server , then do what  jacob mentioned 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card