Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

ISE blacklist

Wondering if I could have a group of black listed devices point to a web page that says "contact Helpdesk" or something like that. Rather than the user not connecting and complain that wireless sucks. Not knowing their devices was blacklisted.

Any ideas ?

Sent from Cisco Technical Support iPad App

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
4 REPLIES
Cisco Employee

ISE blacklist

You could create a special AuthZ profile that mimicks the CWA redirect flow. This is off the top of my head, but I believe the two AV pairs used are something like

cisco-avpair:url-redirect

cisco-avpair:url-redirect-acl

The first being the URL we redirect clients to. The second being the redirect ACL that defines what traffic we want to pass back. If you check the 'Redirection CWA' box in the AuthZ profile you can see at the bottom the two specific pairs you want to use.

After that, you just uncheck the 'Redirect' box at the top and type in those pairs manually, and point the url redirect at another internal  resource hosting the page that says "contact Helpdesk" or whatever you want.

They technically get 'authenticated', but in all actuality the only resource they're able to reach on the network would be that 'Contact Helpdesk' page hosted elsewhere.

Cisco Employee

ISE blacklist

Hi George, I am trying to

Hi George, 

I am trying to apply something similar in our wireless network. Did you find a solution?. I will give a try in the lab to the idea that Sam provided below.

thanks

This post was over a year ago

This post was over a year ago. We got it working .. Thanks though ..

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
714
Views
7
Helpful
4
Replies