Руководство По Устранению Ошибки для Cisco Cisco Flex 7510 Wireless Controller
For this simulation, you need a network with a FlexConnect AP, a local/remote site with local DHCP, DNS,
the WLC, and the ISE. The FlexConnect AP is connected to a trunk in order to test local switching with
multiple VLANs.
the WLC, and the ISE. The FlexConnect AP is connected to a trunk in order to test local switching with
multiple VLANs.
Device Registration and Supplicant Provisioning
A device must be registered so that its native supplicant can provisioned for dot1x authentication. Based on
the right authentication policy, the user is redirected to the guest page and authenticated by employee
credentials. The user sees the device registration page, which asks for their device information. The device
provisioning process then begins. If the operating system (OS) is not supported for provisioning, the user is
redirected to the Asset Registration Portal in order to mark that device for MAC Authentication Bypass
(MAB) access. If the OS is supported, the enrollment process begins and configures the native supplicant of
the device for dot1x authentication.
the right authentication policy, the user is redirected to the guest page and authenticated by employee
credentials. The user sees the device registration page, which asks for their device information. The device
provisioning process then begins. If the operating system (OS) is not supported for provisioning, the user is
redirected to the Asset Registration Portal in order to mark that device for MAC Authentication Bypass
(MAB) access. If the OS is supported, the enrollment process begins and configures the native supplicant of
the device for dot1x authentication.
Asset Registration Portal
The Asset Registration Portal is the element of the ISE platform that allows employees to initiate the
onboarding of endpoints through an authentication and registration process.
onboarding of endpoints through an authentication and registration process.
Administrators are able to delete assets from the endpoints identities page. Each employee is able to edit,
delete, and blacklist the assets they have registered. Blacklisted endpoints are assigned to a blacklist identity
group, and an authorization policy is created in order to prevent network access by blacklisted endpoints.
delete, and blacklist the assets they have registered. Blacklisted endpoints are assigned to a blacklist identity
group, and an authorization policy is created in order to prevent network access by blacklisted endpoints.
Self−Registration Portal
In the Central Web Authentication (CWA) flow, employees are redirected to a portal that allows them to enter
their credentials, authenticate, and enter the specifics of the particular asset they wish to register. This portal is
called the Self Provisioning Portal and is similar to the Device Registration Portal. It allows the employees to
enter the MAC address as well as a meaningful escription of the endpoint.
their credentials, authenticate, and enter the specifics of the particular asset they wish to register. This portal is
called the Self Provisioning Portal and is similar to the Device Registration Portal. It allows the employees to
enter the MAC address as well as a meaningful escription of the endpoint.
Authentication and Provisioning
Once employees select the Self−Registration Portal, they are challenged to provide a set of valid employee