05-22-2017 04:26 PM
Hi Team,
I have a customer who is adding his guest users into registered endpoints group as part of their CWA flow. Later on based on if the MACaddress is part of this registered endpoint group they are provided access.
Here are the authz rules :
When user authenticate via web portal, MAC address is remember and stored in RegisteredDevices identity group and later is used for authentication instead of username/password. But then we do not have full visibility which IP/MAC address is correlated to which user, and in WLC username is stored as MAC address:
On Cisco ISE if I go to Home > Guests > Guests type I will get this information, but it is not stored permanently:
1. When user logs in to guest wireless and authenticates using web portal, MAC address of his devices is registered. Where exactly correlation between Portal User and MAC address is stored?
2. After what time of user being idle (do not authenticate again using Portal User credentials) information about user (Portal User to device MAC address among other info) will be flushed?
3. How to have full guest user visibility and audit trail in this scenario?
I looked at the Master Guest report but this doesn't give us full visibility of Portal user to MAC address/IP address binding.
Thanks
Priyanka
Solved! Go to Solution.
05-22-2017 05:21 PM
Did you see my response on the internal
Post?
I shared a slide deck with 2 defects around guest MAC address remember me
This is for partners or cisco employees
https://communities.cisco.com/docs/DOC-63010
Look under attachments on the bottom for the guest PowerPoint
THis isna is a screenshot as I am on my phome
05-22-2017 05:21 PM
Did you see my response on the internal
Post?
I shared a slide deck with 2 defects around guest MAC address remember me
This is for partners or cisco employees
https://communities.cisco.com/docs/DOC-63010
Look under attachments on the bottom for the guest PowerPoint
THis isna is a screenshot as I am on my phome
05-31-2017 09:49 PM
Hi Jason,
Thanks for sharing the BUGS. The customer was also curious about the portal user to MAC address mapping that we do see under context visibility >> Guest. Is there a specific time the portal user to MAC address shows up under context visibility ?
Thanks
Priyanka
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide