A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest access and must have the guest endpoints redirect to the guest portal for authentication and authorization.
While testing the policy, the engineer notices that the device is not redirected and instead gets full guest access. What must be done for the redirect to work?

Question

A Cisco ISE engineer configures Central Web Authentication (CWA) for wireless guest access and must have the guest endpoints redirect to the guest portal for authentication and authorization.

While testing the policy, the engineer notices that the device is not redirected and instead gets full guest access. What must be done for the redirect to work?

Szymon Strzep · Accepted Answer

Add the DACL name for the Airespace ACL configured on the WLC in the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit.

Szymon Strzep · Answer

Tag the guest portal in the CWA part of the Common Tasks section of the authorization profile for the authorization policy line that the unauthenticated devices hit.

Szymon Strzep · Answer

Use the track movement option within the authorization profile for the authorization policy line that the unauthenticated devices hit.

Szymon Strzep · Answer

Create an advanced attribute setting of Cisco:cisco-gateway-id=guest within the authorization profile for the authorization policy line that the unauthenticated devices hit.

Question list

List of questions

Question 1

(0)

Question 2

(0)

Question 3

(0)

Question 4

(0)

Question 5

(0)

Question 6

(0)

Question 7

(0)

Question 8

(0)

Question 9

(0)

Question 10

(0)

Related questions

Question 365 - 350-701 discussion

Suggested answer: D

0 comments