ISE Guest Port Direction not working

Similar Messages

• Cisco ISE guest portal redirect not working after successful authentiation and URL redirect.

  Hi to all,
  I am having difficulties with an ISE deployment which I am scratching my head over and can't fathom out why this isn't working.
  I have an ISE 3315 doing a captive webportal for my guest users who are on an SSID.  The users are successfully redirected by the WLC to the following URL:https://x.x.x.x:8443/guestportal/Login.action?portalname=XXX_Guest_Portal
  Now when the user passes through the user authentication splash screen they get redirected to https://x.x.x.x:8443/guestportal/guest/redir.html and recieve the following error:
  Error: Resource not found.
  Resource: /guestportal/
  Does anyone have any ideas why the portal is doing this?
  Thanks
  Paul

  Hello,
  As you are not able to  get the guest portal, then you need to assure the following things:-
  1) Ensure that the  two  Cisco av-pairs that are configured on the  authorization profile should  exactly match the example below. (Note: Do  not replace the "IP" with the  actual Cisco ISE IP address.)
  –url-redirect=https://ip:8443/guestportal/gateway?...lue&action=cpp
  –url-redirect-acl=ACL-WEBAUTH-REDIRECT (ensure that this ACL is also  defined on the access switch)
  2) Ensure that the URL redirection portion of the ACL have been  applied  to the session by entering the show epm session ip   command on the switch. (Where the session IP is the IP address  that is  passed to the client machine by the DHCP server.)
  Admission feature : DOT1X
  AAA Policies : #ACSACL#-IP-Limitedaccess-4cb2976e
  URL Redirect ACL : ACL-WEBAUTH-REDIRECT
  URL Redirect :
  https://node250.cisco.com:8443/guestportal/gateway?sessionId=0A000A72
  0000A45A2444BFC2&action=cpp
  3) Ensure that the preposture assessment DACL that is enforced from  the  Cisco ISE authorization profile contains the following command  lines:
  remark Allow DHCP
  permit udp any eq bootpc any eq bootps
  remark Allow DNS
  permit udp any any eq domain
  remark ping
  permit icmp any any
  permit tcp any host 80.0.80.2 eq 443 --> This is for URL redirect
  permit tcp any host 80.0.80.2 eq www --> Provides access to internet
  permit tcp any host 80.0.80.2 eq 8443 --> This is for guest portal
  port
  permit tcp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  permit udp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  permit udp any host 80.0.80.2 eq 8906 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  deny ip any any
  Note:- Ensure that the above URL Redirect has the proper Cisco ISE FQDN.
  4) Ensure that the ACL with the name "ACL-WEBAUTH_REDIRECT" exists on  the switch as follows:
  ip access-list extended ACL-WEBAUTH-REDIRECT
  deny ip any host 80.0.80.2
  permit ip any any
  5) Ensure that the http and https servers are running on the switch:
  ip http server
  ip http secure-server
  6) Ensure that, if the client machine employs any kind of personal  firewall, it is disabled.
  7) Ensure that the client machine browser is not configured to use any  proxies.
  8) Verify connectivity between the client machine and the Cisco ISE IP  address.
  9) If Cisco ISE is deployed in a distributed environment, make sure  that  the client machines are aware of the Policy Service ISE node FQDN.
  10) Ensure that the Cisco ISE FQDN is resolved and reachable from the  client machine.
  11) Or you need to do re-image again.

• ISE Guest Activity Report not working (1.2.0.899)

  Recently I upgraded an ISE to 1.2.0.899. I found the Guest Activity Report is not working. Before the upgrade it was working properly (with the limitation of 5000 records by report). Nothing in the ASA was modified, but nothing is reported in the ISE; also I use the tcpdump integrated in the ISE to validate the syslog messages are arriving from the ASA to the ISE. I already enable the Passed Authentication logging category.
  Do I need to modify something else,to have the report?

  Hi
  Please make sure these steps has configured correctly:
  Step 1 Create an alarm, as described in Creating, Editing, and Deleting Alarm Schedules.
  Step 2  Specify a rule for Passed Authentication, Failed Authentications, or Authentication Inactivity for all users of                 type guest, as described in Creating and Assigning an Alarm Rule.
  Step 3 Calculate guest user activity by Monitoring Live Authentications.

• ISE Guest Portal redirection not working

  I have built a lab at home. I have a Win2008 Server for AD/DNS, ISE 1.2 (VM trial), a 3560-cg switch, 2500 WLC and 2602i AP. I have configured everything as per the documentations online. My issue is that when I connect to the open SSID, it gets connected and has the dns server populated as well, but the redirection never takes place. I can search for google or cnn.com but it just stays at looking up host or something. However, if i take the redirect URL from the WLC and then do it on the browser, it does go to the guest portal. Let me know what issues I can see and if there is any other information I can provide.

  Issue resolved.
  Since my lab environment didnt have access to the internet and hence dns servers 8.8.8.8 would not resolve any public ips. But when an address is resolvable by a dns then it redirects nicely. For test I created a dns entry on the dns server itself and tested it.
  Sent from Cisco Technical Support Android App

• PavillionG​7-2315nr windows 7(64 bit) USB serial control or usb ports are not working. Please help!

  Hi I downgraded the laptop from windows 8 to windows 7 64 bit. Two of my USB ports are not working and cant find the right drivers for it. Can you please direct me, where I can download and update the drivers? Thanks in advance.
  Shawe

  Hi:
  Download and instal both of these drivers and reboot.
  http://h20565.www2.hp.com/hpsc/swd/public/detail?s​p4ts.oid=5229463&swItemId=ob_125616_1&swEnvOid=405​...
  http://h20565.www2.hp.com/hpsc/swd/public/detail?s​p4ts.oid=5229463&swItemId=ob_123787_1&swEnvOid=405​...

• So my airport extreme recently had some nat/dns issue and in the airport utility displayed a warning about it and to correct it. I wasn't sure what to do so i pressed the resolve icon and now my guest network is not working.

  So my airport extreme recently had some nat/dns issue and in the airport utility displayed a warning about it and to correct it. I wasn't sure what to do so i pressed the resolve icon and now my guest network is not working.

  Anytime you change networking hardware, it is always a good idea to perform a complete power recycle of your networking components.
  I would recommend that you do the following as a minimum:
  Power-down the modem, AirPort base station, and computer(s).
  Disconnect the AirPort base station from the Internet broadband modem.
  While all of the devices are powered-down, perform a "factory default" reset on the base station. This will get it back to its "out-of-the-box" configuration and make setting it up much easier, especially if you use the "Assist me" process within the AirPort Utility. (ref: Resetting an AirPort Base Station or Time Capsule)
  After the base station resets, go ahead and power it back down.
  Reconnect the AirPort base station to the Internet broadband modem. For the Extreme and Time Capsule, be sure to connect the cable to the base station's WAN (circle-of-dots) port.
  Power-up the modem; wait at least 10-15 minutes to allow it adequate time to initialize.
  Power-up the AirPort base station; wait at least 5-10 minutes. Note: The AirPort's status light may continue to flash amber after it has intialized. That is because, there may be some additional configuration items necessary, like setting up wireless security, before the overall setup is completed to get a green status.
  Power-up your computer(s).
  In this basic configuration, the AirPort base station will broadcast an unsecured wireless network with a Network Name (SSID) of Apple Network NNNNNN. Network clients, connected to the base station either by wire or wireless, should now be able to access the Internet through the ISP's modem. Once Internet connectivity has been verified, you can use the AirPort Utility to configure the base station for wireless security and any other desired options. Please post back your results.

• USB ports does not work

  Hi I have problems with not working USB ports. It used to work. I downloaded actual drivers at msi.com for my gaming notebook GX 60 Destroyer and now my USB ports does not work. What should I do?

  What driver have you updated?
  Try to do an EC firmware reset by removing the battery and the AC adapter then put the battery back with AC adapter attached.
  Same questions like Pegasus asked, does all ports not working? which one exactly? What OS are you using?
  Have you done any changes to the system? (for example: self-install OS or changing OS)

• I plugged in my ipod and now i get the error message: Because a USB device was drawing too much power from your computer, one or more of your USB devices have been disabled" - i have a MAcBook pro and now my USB ports do not work - can anyone help me ???

  i plugged in my ipod and now i get the error message: Because a USB device was drawing too much power from your computer, one or more of your USB devices have been disabled" - i have a MAcBook pro and now my USB ports do not work - can anyone help me ???

  Sometimes you have to reset the SMC two or three times for it to work, don't know why. I've seen that error message before and 100% of the time it was fixed with an SMC reset. I suppose it's possible that your keyboard or mouse IS drawing too much power, do you have access to another you could try?

• Audio output and left USB port is not working!

  Hi! I have MacBook Air 13" late 2010, Audio output and left USB port is not working!
  What happened?
  Part No.: Z0JH000TE RS

  If the left USB port doesnt work with an external mouse its seems to be a hardware malfunction of this USB port.
  The newest BIOS is already installed?
  Have you removed all USB ports from device manager and restarted your notebook?
  If you have already tried this, contact an authorized service provider. The guys can try to fix this issue and it should be covered by warranty, if you still have warranty on this notebook. :)

• MY EXTERNAL SPEAKER PORT IS NOT WORKING for hp envy

   MY EXTERNAL SPEAKER PORT IS NOT WORKING .WHEN I CONNECTED TO A EXTERNAL SPEAKER ,THERE WERE NO SOUND AUDIBLE.SO WHEN I DISCONNECTED THE CABLE FROM PORT,I WAS ABLE TO HEAR WITH THE IN BUILT SPEAKERS.EXTERNAL SPEAKER IS I GOOD CONDITION.I CHEKED WITH MY HEAD SET ALSO.IT WAS NOT AUDIBLE.MY LAP IS HP ENVY .KINDLY HELP

  Hi ano87, welcome to the HP Forums. What is the model or product number? What version of Windows is installed?
  Guide to finding your product number
  Which Windows operating system am I running?
  TwoPointOh
  I work on behalf of HP
  Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
  Click the “Kudos, Thumbs Up" on the bottom to say “Thanks” for helping!

• After installation, the mobo LAN port is not working? urgent, help ple

  I just installed archlinux on my new i7 860 Asus p7p55d-e Deluxe build, but after the installation the LAN port is not working anymore. Before this, this Lan port works perfect in windows as well as in the arch installation. But after the installation, the led is orange and is blinking slowly, windows complains that the cable is not properly plugged, and even arch installation can't pull DHCP from it also.
  Luckily, the mobo has another lan port, so I have to plug the cable out and to the second port, but I couldn't seem to be able to find anyway to enable the first Lan port anymore?
  Have you seen anything like this, what possibly is the reason?
  Thanks, any help will be appreciated.

  heleos, thanks for the reply, the first thing I check is BIOS. There is definitely nothing wrong with that, since I loaded the default one.
  It is really strange, it seems no matter what I do, the 1st port which used to work, simple doesn't work, but the second one works fine.
  But after some poking around with the "ethtool", it starts to work again. I have no idea what cause the disfunction and what magically heal it again.
  Now I am really curious.
  Last edited by mark.altern (2010-04-18 09:52:09)

• T420 USB Ports do not work after installing XP

  Hello my office has  been using Lenovo's for some time now but we recently purchased a T420 and installed Windows XP SP3 on it.  The issue we are having is that the uSB ports do not work.  I have tried every driver I can find but still no luck, can anyone help?

  hey chris0277,
  could you check in Device Manager and see if there is any ? or ! symbol on the USB area.
  If there is, i do recommend uninstalling the drivers from it and then visit http://support.lenovo.com and update your unit
  WW Social Media
  Important Note: If you need help, post your question in the forum, and include your system type, model number and OS. Do not post your serial number.
  Did someone help you today? Press the star on the left to thank them with a Kudo!
  If you find a post helpful and it answers your question, please mark it as an "Accepted Solution"!
  Follow @LenovoForums on Twitter!
  Have you checked out the Community Knowledgebase yet?!
  How to send a private message? --> Check out this article.

• My Air port is not working the wifi - just an amber light blinking. What's going on ?

  My air port is not working the wifi - just an amber light blinking. What's going on ?

  Sorry it is just not enough info to be able to figure it out.
  Do a full factory reset and start over.. that is the best way out of the hole.
  Using ethernet is far far superior to using wireless at least for setup.
  Using iOS device with airport utility is better than using wireless via a Mac with airport utility if you have MBA or MBPr.. but it is still better to buy a usb or thunderbolt to ethernet dongle so you have actual real connection and not a vapourous one.

• IMac firewire port is not working

  iMac firewire port is not working
  Hi everybody, Happy New Year.
  I am a 72 years old semi-newbie in video editing, because Iedit only 1 or may be 2 movies a year since 2007 and I have only very little computer knowledge. 
  I received a new 27” iMac as a birthday gift 14 months ago.  About 10 months ago, with help, I successfully use the Migration Assistant to transfer some datas from my old power G4 to the iMac including two Final Cut Express projects.  I had one project successfully done; burned to DVD and I save it with Print To Video. Last week, I have my second project done, I burned the sequences into DVD but unable to do a Print To Videodue to the iMac is not communicating with my Sony camcorders DCR VX1000, this is the same camcorder I used on the last job which was working a couple of months ago.As a result, I try to switch the Easy Setup with different Format and different Use; I refresh the Canvas window; I did a Mix down; move the Screen Saver to NEVER as well as the Energy Saver set to NEVER SLEEP.  I also trashed the preferences (plist) folders; run the Utility repair, I replaced the firewire cable (4 pines – 9 pines 800), but nothing work.  Up to this point, I think that there is no signal from the firewire port to the camcorder because I understand when the sequences is ready, the firewire is connected between the computer and the recording camcorder, the Print to Video is activated, then the word DV- IN should be seen on the recording deck screen. This time, I don’tread such words on the recording screen. Therefore, I think there’s no out going signal from the iMac to the recording camcorder and the iMac is not receiving signal from the recording camcorder. At this point, I try to connect my iMac to the power G4 to see if I can do some data transfer. Follow the procedures, I hook up the data transfer cable between the G4 and the iMac, I can the fireswire icon moving on the G4 screen but no indication on the iMac screen (there should be some indications in the source bar), this shows me the iMac did not recognize the G4 which worked on previous data transfer.  It looks to me the firewire port on my iMac is dead.  What has gone wrong? Could I accidentally disabled the firewire port by some magic keystroke? (i.e. accidentally fat finger some thing to make it stop working?  Oh, by the way, during the playing around, went to the Final Cut tool bar, I click the View >Video Out > Digital Cinema Desktop Preview – Main, the result was a  black screen and the esc key was my rescuer - LUCKY LUCKY! Are there any other trouble-shooting techniques to apply before bringing to shop?  Please help!
  Sorry for such a long statement, forgive me for unable to make it shorter.  Thank you for your patience. Thanks to all the folks in this board for being so helpful.
  p.s.

  Not sounding good.
  If the system Profiler does not see it then there is a basic communication problem between camera and the Mac.
  I'm thinking the Firewire port is the culprit as some 800 ports were faulty.
  I'd suggest taking the Mac, cable and camera to your nearest Authorized Apple Service Centre and get them to diagnose the issue. eg. let them try to connect the two devices.
  Right (control)click the Sequence icon in the Browser and select Item Properties, do the same for a clip.
  You can also post screen shots for the Properties.
  Al

• Time Capsule Internet WAN port is not working, what can I do to set it up?

  When I plug the ethernet cable from my router to my Time Capsule it should turn on a green light in the back of the TC, but this light is not turning it on anymore, and this port is not working, how can I set it up?
  I want to create a wireless network with the TC, but if this port (Ethernet WAN port) doesn't work, I can't, or can I? How?
  Then I want to use my 2 Airport Express to use the network that I want to create.
  I hope you can help me, thanks a lot.

  what model is the TC? A1xxx from the base please.
  How old and is the front LED otherwise showing it is operating OK?
  What is the network setup..? Is the TC bridged or router.. or is it in Join wireless network mode now..
  If the later.. the ethernet ports are turned off.. you need to do a factory reset of the TC.
  Factory reset.. Hold in reset button.. THEN power on the TC.. keep holding in reset for about 10sec until the front LED flashes rapidly.. there is a good chance the ethernet will work now.