I wonder if there exists a suitable solution for the authentication of guests and visitors in a hospitality.
We have WLCs 5508 and ISE 1.2. What we want to do is as follows:
Visitors should get open but limited access after accepting the AUP.
Guests get an account with limited lifetime by the sponsor. After the initial login and AUP acceptance their device become GuestEndpoints through DRW. From then on they are authenticated using MAB and are allowed access without a login until the allowed time period expires.
There is one point that causes me a headache. If a Guests device is registered as GuestEndpoint and the Guest Account
has expired, his device keeps registered and never expires. I don't know if there is a way to remove these devices automatically
from time to time.
Another question is if it would be possible to handle both (Guest/Visitors) with only one SSID. As far as I know the Guest Portal
can be customized. So would it be possible to build a login page that allows the user to choose between AUP for instant access and