Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Automatic provision of WLAN profiles to cliets through ISE

Hi All,

Our customer was using L3 web auth for corporate users . LDAP was integrated directly with WLC for authentication . Now they want to use L2 web authentication WPA2/PEAP for corporate users . As per my understanding for using L2 auth , we need to create the appropriate SSID profile in end user laptops in order to associate with the SSID . Wheras L3 web auth , dont require that . Simply connect -> then open browser -> redirect to captive portal -> authentication. Customer was habituated with that.

Hence they dont want to manually create the SSID profiles in laptops . They hav got base ISE licnese(only for AAA). So is there any option to provide the WLAN profiles to customer laptops and mobile devices with the help of ISE .

Thanks,

Vijay

5 REPLIES
Hall of Fame Super Silver

Re: Automatic provision of WLAN profiles to cliets through ISE

I don't think you can do anything with base license.. With a different license, there is on boarding or you can configure self registration. With base ISE license the easiest way, might not be what your client wants to do, is to have an open SSID using PEAP (WPA2/AES). This way users can click on the SSID and use their AD credentials to connect. Once they connect, the device will creat a profile and store it on the device.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Automatic provision of WLAN profiles to cliets through ISE

Hi Scott ,

This way users can click on the SSID and use their AD credentials to  connect. Once they connect, the device will creat a profile and store it  on the device.

So you mean to say , no need of creating the profile manually in laptop ? We have broadcasted test SSID with WPA2/AES . When we connect to the SSID with win 7 laptops its not asking for AD credentials . Simply it gives errror not able to connect. But when we manually configured the SSID in laptop and connect , it asks for credentials and succeed.

For latest mobiles , when we connect to the test SSID. it asks the credentials directly and succeed. The issue is for laptops only , that we need to create the SSID prfile manualy in laptops.

Hall of Fame Super Silver

Re: Automatic provision of WLAN profiles to cliets through ISE

You shouldn't have to create a profile. This has worked for me with XP, Windows 7, Windows 8, OSX, Android and iOS devices.

You need to make sure you just have WPA2/AES being defined.

Look at the screen shot I posted.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Automatic provision of WLAN profiles to cliets through ISE

Hi Scott ,

I have configured the same in WLC . But it is not connecting for win xp and win 7 clients unless I have configured manually in client laptop.

Hall of Fame Super Silver

Re: Automatic provision of WLAN profiles to cliets through ISE

Create a new test SSID and try. Delete the old test SSID.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
88
Views
0
Helpful
5
Replies