02-15-2019 10:30 AM - edited 07-05-2021 09:52 AM
Hi,
We are getting ready to implement a Guest Wireless solution, possibly with the integration of ISE and its guest portal. The question is whether or not the Cisco WLC needs a valid trusted certificate? The ISE will need one as this is where the client web browser will land. However it is unclear if the WLC needs one for redirection? After browsing many Cisco documents and reference guides, I have not found an explicit answer. Can someone advise any assistance would be greatly appreciated.
Thanks,
Solved! Go to Solution.
02-15-2019 11:20 AM
Hi
It does not. On the previous web guest solution with NAC, the WLC portal also played a role on the process after the NAC portal. On that solution, I was necessary if you didn´t want to handle the certificate error.
With ISE things are quite different and you don't need the valid certificate on the WLC. The SSID is configured almost the same as if it is using regular radius authentication:
Layer 2 Security - You can let as none.
MAC Filtering - check it.
Layer 3 Security - You can let as none
Captive Network Assistant Bypass - You can let as none
-If I helped you somehow, please, rate it as useful.-
02-15-2019 11:20 AM
Hi
It does not. On the previous web guest solution with NAC, the WLC portal also played a role on the process after the NAC portal. On that solution, I was necessary if you didn´t want to handle the certificate error.
With ISE things are quite different and you don't need the valid certificate on the WLC. The SSID is configured almost the same as if it is using regular radius authentication:
Layer 2 Security - You can let as none.
MAC Filtering - check it.
Layer 3 Security - You can let as none
Captive Network Assistant Bypass - You can let as none
-If I helped you somehow, please, rate it as useful.-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide