Home > Cisco > Interface > Cisco Ise 13 User Guide

Cisco Ise 13 User Guide

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Ise 13 User Guide. The Cisco manuals for Interface are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 351

    Page 351 Guest Access with Hotspot Guest Portals CiscoISEprovidesnetworkaccessfunctionalitythatincludes“hotspots,”whichareaccesspointsthatguests canusetoaccesstheInternetwithoutrequiringcredentialstologin.Whenguestsconnecttothehotspot networkwithacomputeroranydevicewithawebbrowserandattempttoconnecttoawebsite,theyare automaticallyredirectedtoaHotspotGuestportal.Bothwiredandwireless(Wi-Fi)connectionsaresupported withthisfunctionality.... 
    Guest Access with Hotspot Guest Portals
CiscoISEprovidesnetworkaccessfunctionalitythatincludes“hotspots,”whichareaccesspointsthatguests
canusetoaccesstheInternetwithoutrequiringcredentialstologin.Whenguestsconnecttothehotspot
networkwithacomputeroranydevicewithawebbrowserandattempttoconnecttoawebsite,theyare
automaticallyredirectedtoaHotspotGuestportal.Bothwiredandwireless(Wi-Fi)connectionsaresupported
withthisfunctionality....

    Page 352

    Page 352 Employee Access with Credentialed Guest Portals EmployeescanalsoaccessthenetworkusingCredentialedGuestPortalsbysigninginusingtheiremployee credentials,aslongastheircredentialscanbeaccessedbytheidentitysourcesequenceconfiguredforthat portal. Guest Device Compliance Whenguestsandnon-guestsaccessthenetworkthroughcredentialedGuestportals,youcanchecktheir devicesforcompliancebeforetheyareallowedtogainaccess.YoucanroutethemtoaClientProvisioning... 
    Employee Access with Credentialed Guest Portals
EmployeescanalsoaccessthenetworkusingCredentialedGuestPortalsbysigninginusingtheiremployee
credentials,aslongastheircredentialscanbeaccessedbytheidentitysourcesequenceconfiguredforthat
portal.
Guest Device Compliance
Whenguestsandnon-guestsaccessthenetworkthroughcredentialedGuestportals,youcanchecktheir
devicesforcompliancebeforetheyareallowedtogainaccess.YoucanroutethemtoaClientProvisioning...

    Page 353

    Page 353 Self-Registered Guest Portal Sponsored-Guest PortalHotspot Guest PortalTask Notrequired(definedby guesttype) Notrequired(definedby guesttype) RequiredCreateEndpointIdentity Groups,onpage501 NotapplicableNotapplicableRequiredCreateaHotspotGuest Portal,onpage310 NotapplicableRequiredNotapplicableCreateaSponsored-Guest Portal,onpage311 RequiredNotapplicableNotapplicableCreateaSelf-Registered GuestPortal,onpage312 RequiredRequiredRequiredAuthorizePortals,on page314... 
    Self-Registered Guest
Portal
Sponsored-Guest PortalHotspot Guest PortalTask
Notrequired(definedby
guesttype)
Notrequired(definedby
guesttype)
RequiredCreateEndpointIdentity
Groups,onpage501
NotapplicableNotapplicableRequiredCreateaHotspotGuest
Portal,onpage310
NotapplicableRequiredNotapplicableCreateaSponsored-Guest
Portal,onpage311
RequiredNotapplicableNotapplicableCreateaSelf-Registered
GuestPortal,onpage312
RequiredRequiredRequiredAuthorizePortals,on
page314...

    Page 354

    Page 354 Thiscertificategrouptagwillbeavailabletoselectduringportalcreationorediting. Step 3ChooseGuestAccess>Configure>GuestPortals>CreateorEdit>PortalSettings. Step 4SelectthespecificcertificategrouptagfromtheCertificategrouptagdrop-downlistthatisassociatedwith thenewlyaddedcertificate. Create External Identity Sources CiscoISEcanconnectwithexternalidentitysourcessuchasActiveDirectory,LDAP,RADIUSToken,and RSASecurIDserverstoobtainuserinformationforauthenticationandauthorization.Externalidentitysources... 
    Thiscertificategrouptagwillbeavailabletoselectduringportalcreationorediting.
Step 3ChooseGuestAccess>Configure>GuestPortals>CreateorEdit>PortalSettings.
Step 4SelectthespecificcertificategrouptagfromtheCertificategrouptagdrop-downlistthatisassociatedwith
thenewlyaddedcertificate.
Create External Identity Sources
CiscoISEcanconnectwithexternalidentitysourcessuchasActiveDirectory,LDAP,RADIUSToken,and
RSASecurIDserverstoobtainuserinformationforauthenticationandauthorization.Externalidentitysources...

    Page 355

    Page 355 Procedure Step 1ChooseAdministration>IdentityManagement>IdentitySourceSequences>Add. Step 2Enteranamefortheidentitysourcesequence.Youcanalsoenteranoptionaldescription. Step 3ChecktheSelectCertificateAuthenticationProfilecheckboxandchooseacertificateauthenticationprofile forcertificate-basedauthentication. Step 4ChoosethedatabaseordatabasesthatyouwanttoincludeintheidentitysourcesequenceintheSelectedList box. Step 5RearrangethedatabasesintheSelectedlistintheorderinwhichyouwantCiscoISEtosearchthedatabases.... 
    Procedure
Step 1ChooseAdministration>IdentityManagement>IdentitySourceSequences>Add.
Step 2Enteranamefortheidentitysourcesequence.Youcanalsoenteranoptionaldescription.
Step 3ChecktheSelectCertificateAuthenticationProfilecheckboxandchooseacertificateauthenticationprofile
forcertificate-basedauthentication.
Step 4ChoosethedatabaseordatabasesthatyouwanttoincludeintheidentitysourcesequenceintheSelectedList
box.
Step 5RearrangethedatabasesintheSelectedlistintheorderinwhichyouwantCiscoISEtosearchthedatabases....

    Page 356

    Page 356 Create a Hotspot Guest Portal YoucanprovideaHotspotGuestportaltoenablegueststoconnecttoyournetworkwithoutrequiringa usernameandpasswordtologin.Anaccesscodecanberequiredtologin. YoucancreateanewHotspotGuestportal,oryoucaneditorduplicateanexistingone.Youcandeleteany HotspotGuestportal,includingthedefaultportalprovidedbyCiscoISE. AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected inthegraphicalflowintheGuestFlowdiagram.Ifyouenableapage,suchastheAUPpage,itappearsin... 
    Create a Hotspot Guest Portal
YoucanprovideaHotspotGuestportaltoenablegueststoconnecttoyournetworkwithoutrequiringa
usernameandpasswordtologin.Anaccesscodecanberequiredtologin.
YoucancreateanewHotspotGuestportal,oryoucaneditorduplicateanexistingone.Youcandeleteany
HotspotGuestportal,includingthedefaultportalprovidedbyCiscoISE.
AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected
inthegraphicalflowintheGuestFlowdiagram.Ifyouenableapage,suchastheAUPpage,itappearsin...

    Page 357

    Page 357 What to Do Next Youmustauthorizetheportalinordertouseit.Youcanalsocustomizeyourportaleitherbeforeorafteryou authorizeitforuse. Create a Sponsored-Guest Portal YoucanprovideaSponsored-Guestportaltoenabledesignatedsponsorstograntaccesstoguests. YoucancreateanewSponsored-Guestportal,oryoucaneditorduplicateanexistingone.Youcandelete anySponsored-Guestportal,includingthedefaultportalprovidedbyCiscoISE. AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected... 
    What to Do Next
Youmustauthorizetheportalinordertouseit.Youcanalsocustomizeyourportaleitherbeforeorafteryou
authorizeitforuse.
Create a Sponsored-Guest Portal
YoucanprovideaSponsored-Guestportaltoenabledesignatedsponsorstograntaccesstoguests.
YoucancreateanewSponsored-Guestportal,oryoucaneditorduplicateanexistingone.Youcandelete
anySponsored-Guestportal,includingthedefaultportalprovidedbyCiscoISE.
AnychangesthatyoumaketothePageSettingsonthePortalBehaviorandFlowSettingstabarereflected...

    Page 358

    Page 358 •GuestDeviceRegistrationSettings—SelectwhetherCiscoISEautomaticallyregistersguestdevices ordisplaysapagewhereguestscanmanuallyregistertheirdevices. •BYODSettings—Letemployeesusetheirpersonaldevicestoaccessthenetwork. •Post-LoginBannerPageSettings—Notifyguestsofadditionalinformationbeforetheyaregranted networkaccess. •GuestDeviceComplianceSettings—RoutegueststotheClientProvisioningpageandrequirethem tofirstdownloadthepostureagent.... 
    •GuestDeviceRegistrationSettings—SelectwhetherCiscoISEautomaticallyregistersguestdevices
ordisplaysapagewhereguestscanmanuallyregistertheirdevices.
•BYODSettings—Letemployeesusetheirpersonaldevicestoaccessthenetwork.
•Post-LoginBannerPageSettings—Notifyguestsofadditionalinformationbeforetheyaregranted
networkaccess.
•GuestDeviceComplianceSettings—RoutegueststotheClientProvisioningpageandrequirethem
tofirstdownloadthepostureagent....

    Page 359

    Page 359 •AcceptableUsePolicy(AUP)PageSettings •BYODSettings Before You Begin Ensurethatyouhaveconfiguredtherequiredcertificates,externalidentitysources,andidentitysource sequencesforthisportal. Procedure Step 1ChooseGuestAccess>Configure>GuestPortals>Create,EditorDuplicate.. Step 2Ifcreatinganewportal,intheCreateGuestPortaldialogbox,selectSelf-RegisteredGuestPortalasthe portaltypeandclickContinue. Step 3ProvideauniquePortalNameandaDescriptionfortheportal.... 
    •AcceptableUsePolicy(AUP)PageSettings
•BYODSettings
Before You Begin
Ensurethatyouhaveconfiguredtherequiredcertificates,externalidentitysources,andidentitysource
sequencesforthisportal.
Procedure
Step 1ChooseGuestAccess>Configure>GuestPortals>Create,EditorDuplicate..
Step 2Ifcreatinganewportal,intheCreateGuestPortaldialogbox,selectSelf-RegisteredGuestPortalasthe
portaltypeandclickContinue.
Step 3ProvideauniquePortalNameandaDescriptionfortheportal....

    Page 360

    Page 360 •VLANDHCPReleasePageSettings—ReleasetheguestdeviceIPaddressfromtheguestVLANand renewittoaccessanotherVLANonthenetwork.Formoreinformation,seeBYODSettingsfor CredentialedGuestPortals,onpage782. •AuthenticationSuccessSettings—Specifywheretodirectguestsaftertheyareauthenticated.Ifyou redirectaGuesttoanexternalURLafterauthentication,theremaybeadelaywhiletheURLaddress isresolvedandthesessionisredirected.Formoreinformation,seeAuthenticationSuccessSettingsfor GuestPortals,onpage784.... 
    •VLANDHCPReleasePageSettings—ReleasetheguestdeviceIPaddressfromtheguestVLANand
renewittoaccessanotherVLANonthenetwork.Formoreinformation,seeBYODSettingsfor
CredentialedGuestPortals,onpage782.
•AuthenticationSuccessSettings—Specifywheretodirectguestsaftertheyareauthenticated.Ifyou
redirectaGuesttoanexternalURLafterauthentication,theremaybeadelaywhiletheURLaddress
isresolvedandthesessionisredirected.Formoreinformation,seeAuthenticationSuccessSettingsfor
GuestPortals,onpage784....
    Start reading Cisco Ise 13 User Guide

    Related Manuals for Cisco Ise 13 User Guide

    All Cisco manuals