Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
507
Views
0
Helpful
1
Replies

WLC and ISE Integration Question

Go to solution
Quintin.Mayo
Level 3
Level 3

‎02-15-2019 10:30 AM - edited ‎07-05-2021 09:52 AM

Hi,

We are getting ready to implement a Guest Wireless solution, possibly with the integration of ISE and its guest portal. The question is whether or not the Cisco WLC needs a valid trusted certificate? The ISE will need one as this is where the client web browser will land. However it is unclear if the WLC needs one for redirection? After browsing many Cisco documents and reference guides, I have not found an explicit answer.  Can someone advise any assistance would be greatly appreciated.

 

Thanks,

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP

‎02-15-2019 11:20 AM

Hi

 It does not.  On the previous web guest solution with NAC, the WLC portal also played a role on the process after the NAC portal. On that solution, I was necessary if you didn´t want to handle the certificate error.

 With ISE things are quite different and you don't need the valid certificate on the WLC.  The SSID is configured almost the same as if it is using regular radius authentication:

 

Layer 2 Security - You can let as none. 

MAC Filtering -  check it.

Layer 3 Security -  You can let as none

Captive Network Assistant Bypass - You can let as none

 

-If I helped you somehow, please, rate it as useful.-

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Flavio Miranda
VIP
VIP

‎02-15-2019 11:20 AM

Hi

 It does not.  On the previous web guest solution with NAC, the WLC portal also played a role on the process after the NAC portal. On that solution, I was necessary if you didn´t want to handle the certificate error.

 With ISE things are quite different and you don't need the valid certificate on the WLC.  The SSID is configured almost the same as if it is using regular radius authentication:

 

Layer 2 Security - You can let as none. 

MAC Filtering -  check it.

Layer 3 Security -  You can let as none

Captive Network Assistant Bypass - You can let as none

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card