Home > Cisco > Interface > Cisco Ise 13 User Guide

Cisco Ise 13 User Guide

Here you can view all the pages of manual Cisco Ise 13 User Guide. The Cisco manuals for Interface are available online for free. You can easily download all the documents as PDF.

Page 351

Guest Access with Hotspot Guest Portals
CiscoISEprovidesnetworkaccessfunctionalitythatincludes“hotspots,”whichareaccesspointsthatguests
canusetoaccesstheInternetwithoutrequiringcredentialstologin.Whenguestsconnecttothehotspot
networkwithacomputeroranydevicewithawebbrowserandattempttoconnecttoawebsite,theyare
automaticallyredirectedtoaHotspotGuestportal.Bothwiredandwireless(Wi-Fi)connectionsaresupported
withthisfunctionality....

Page 352

Employee Access with Credentialed Guest Portals
EmployeescanalsoaccessthenetworkusingCredentialedGuestPortalsbysigninginusingtheiremployee
credentials,aslongastheircredentialscanbeaccessedbytheidentitysourcesequenceconfiguredforthat
portal.
Guest Device Compliance
Whenguestsandnon-guestsaccessthenetworkthroughcredentialedGuestportals,youcanchecktheir
devicesforcompliancebeforetheyareallowedtogainaccess.YoucanroutethemtoaClientProvisioning...

Page 353

Self-Registered Guest
Portal
Sponsored-Guest PortalHotspot Guest PortalTask
Notrequired(definedby
guesttype)
Notrequired(definedby
guesttype)
RequiredCreateEndpointIdentity
Groups,onpage501
NotapplicableNotapplicableRequiredCreateaHotspotGuest
Portal,onpage310
NotapplicableRequiredNotapplicableCreateaSponsored-Guest
Portal,onpage311
RequiredNotapplicableNotapplicableCreateaSelf-Registered
GuestPortal,onpage312
RequiredRequiredRequiredAuthorizePortals,on
page314...

Page 354

Thiscertificategrouptagwillbeavailabletoselectduringportalcreationorediting.
Step 3ChooseGuestAccess>Configure>GuestPortals>CreateorEdit>PortalSettings.
Step 4SelectthespecificcertificategrouptagfromtheCertificategrouptagdrop-downlistthatisassociatedwith
thenewlyaddedcertificate.
Create External Identity Sources
CiscoISEcanconnectwithexternalidentitysourcessuchasActiveDirectory,LDAP,RADIUSToken,and
RSASecurIDserverstoobtainuserinformationforauthenticationandauthorization.Externalidentitysources...

Page 355

Procedure
Step 1ChooseAdministration>IdentityManagement>IdentitySourceSequences>Add.
Step 2Enteranamefortheidentitysourcesequence.Youcanalsoenteranoptionaldescription.
Step 3ChecktheSelectCertificateAuthenticationProfilecheckboxandchooseacertificateauthenticationprofile
forcertificate-basedauthentication.
Step 4ChoosethedatabaseordatabasesthatyouwanttoincludeintheidentitysourcesequenceintheSelectedList
box.
Step 5RearrangethedatabasesintheSelectedlistintheorderinwhichyouwantCiscoISEtosearchthedatabases....

Page 356

Create a Hotspot Guest Portal
YoucanprovideaHotspotGuestportaltoenablegueststoconnecttoyournetworkwithoutrequiringa
usernameandpasswordtologin.Anaccesscodecanberequiredtologin.
YoucancreateanewHotspotGuestportal,oryoucaneditorduplicateanexistingone.Youcandeleteany
HotspotGuestportal,includingthedefaultportalprovidedbyCiscoISE.
AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected
inthegraphicalflowintheGuestFlowdiagram.Ifyouenableapage,suchastheAUPpage,itappearsin...

Page 357

What to Do Next
Youmustauthorizetheportalinordertouseit.Youcanalsocustomizeyourportaleitherbeforeorafteryou
authorizeitforuse.
Create a Sponsored-Guest Portal
YoucanprovideaSponsored-Guestportaltoenabledesignatedsponsorstograntaccesstoguests.
YoucancreateanewSponsored-Guestportal,oryoucaneditorduplicateanexistingone.Youcandelete
anySponsored-Guestportal,includingthedefaultportalprovidedbyCiscoISE.
AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected...

Page 358

•GuestDeviceRegistrationSettings—SelectwhetherCiscoISEautomaticallyregistersguestdevices
ordisplaysapagewhereguestscanmanuallyregistertheirdevices.
•BYODSettings—Letemployeesusetheirpersonaldevicestoaccessthenetwork.
•Post-LoginBannerPageSettings—Notifyguestsofadditionalinformationbeforetheyaregranted
networkaccess.
•GuestDeviceComplianceSettings—RoutegueststotheClientProvisioningpageandrequirethem
tofirstdownloadthepostureagent....

Page 359

•AcceptableUsePolicy(AUP)PageSettings
•BYODSettings
Before You Begin
Ensurethatyouhaveconfiguredtherequiredcertificates,externalidentitysources,andidentitysource
sequencesforthisportal.
Procedure
Step 1ChooseGuestAccess>Configure>GuestPortals>Create,EditorDuplicate..
Step 2Ifcreatinganewportal,intheCreateGuestPortaldialogbox,selectSelf-RegisteredGuestPortalasthe
portaltypeandclickContinue.
Step 3ProvideauniquePortalNameandaDescriptionfortheportal....

Page 360

•VLANDHCPReleasePageSettings—ReleasetheguestdeviceIPaddressfromtheguestVLANand
renewittoaccessanotherVLANonthenetwork.Formoreinformation,seeBYODSettingsfor
CredentialedGuestPortals,onpage782.
•AuthenticationSuccessSettings—Specifywheretodirectguestsaftertheyareauthenticated.Ifyou
redirectaGuesttoanexternalURLafterauthentication,theremaybeadelaywhiletheURLaddress
isresolvedandthesessionisredirected.Formoreinformation,seeAuthenticationSuccessSettingsfor
GuestPortals,onpage784....
Start reading Cisco Ise 13 User Guide

Related Manuals for Cisco Ise 13 User Guide

All Cisco manuals