Does anyone get the same result as me when integrating Cisco ISE with Wireless LAN Controller ?
My Authentication Policy :
IF "WLC_Authentication" THEN "Default Network Access" > "Internal Users"
My Authorization Policy :
IF "Guest" THEN "InternetOnly"
When I monitoring on the Live Authentication page, I can see only the MAC address and a guest account that authenticated. I cannot see the IP address of the guest client. Do you get the same result as me ?
Please advise on how to get the IP address of the guest client to show on the Live Authentication Page.
You want the mac address to come through in the access-request because of the radius probe feature. If you change the calling station id to the ip address then you lose the ability to validate the endpoint the client is authenticating through.
However you should be able to go the endpoint database and see the ip address that it was assigned via dhcp.
I have the same problem. Also want to see the guest ip address in the live authentication. We need the correlation between MAC-USER-IP for legal reasons. Was hoping that ISE could solve this, but apparently it can't.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...