Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1653
Views
0
Helpful
5
Replies

How to configure limited access to wireless users

Go to solution
IshwarBamane2910
Level 1
Level 1

‎11-03-2021 02:04 AM

We have 9800 wlc and ISE (2.7) in our network and we have posture check policy for wireless user on ISE. 

 

But now we need to configure limited access to non compliance wireless user. 

Is it possible to do it for wireless user ? 

If yes kindly provide way of configuration to provide limited access to non compliance wireless user .

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to IshwarBamane2910

‎11-03-2021 02:26 AM

what kind of posture agent you have intune or any connect ? the same way it works for both (either BYOD or any device, if they not meet posture put them to different VLAN and fix it.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎11-03-2021 02:15 AM

Hope you looking BYOD device connecting to Wireless right :

 

Look at the below Guide :

 

https://ciscocustomer.lookbookhq.com/iseguidedjourney/ISE-manage-on-my-device-portal

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
IshwarBamane2910
Level 1
Level 1
In response to balaji.bandi

‎11-03-2021 02:22 AM

No i m looking for employee ssid. 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to IshwarBamane2910

‎11-03-2021 02:26 AM

what kind of posture agent you have intune or any connect ? the same way it works for both (either BYOD or any device, if they not meet posture put them to different VLAN and fix it.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
IshwarBamane2910
Level 1
Level 1
In response to balaji.bandi

‎11-03-2021 03:04 AM

scenario happend today

one of our VIP user connected to employee SSID.
as soon as he connect anyconnect agent start scanning and it's show scanning result as non complaint.
And according to policy and authorization profile define on ise user was block for network access.
bcoz in authorization profile we had selected permit block.

but that user want limited access (like mail,citrix, ms teams) to his non compliant device.
so question is how we can achieve this in wireless network ?

can we use DACL or Airspace ACL configuration in ISE authorization profile ?....

0 Helpful

Go to solution
IshwarBamane2910
Level 1
Level 1

‎11-03-2021 03:03 AM

scenario happend today

one of our VIP user connected to employee SSID.
as soon as he connect anyconnect agent start scanning and it's show scanning result as non complaint.
And according to policy and authorization profile define on ise user was block for network access.
bcoz in authorization profile we had selected permit block.

but that user want limited access (like mail,citrix, ms teams) to his non compliant device.
so question is how we can achieve this in wireless network ?

can we use DACL or Airspace ACL configuration in ISE authorization profile ?

0 Helpful
Customers Also Viewed These Support Documents