Hotspot Portal with information collection
Since we don't have the concept of a hotspot portal with info collection (we require an account to be created to capture information in the reports). The purpose of this document is to explain how to set up a self-registration portal and flow that is masked to look like a Hotspot Portal with information collection. A customer doesn't want a user to deal with creating credentials and remembering them but still wants to get their information.
This info will show up in the logs and reports as its a regular account. The user doesn't know about this and they are not notified as they won't use it
The process is to make a self-registration portal capture some info and create account but hide username/password. So its like a hotspot. The endpoint is registered and authorization is based off guest endpoint group. The device could have access for a minimum of a day with basic configuration. If you wanted only a couple hours then there are other examples on how to do that as well.
Video Link : 15219
This should work on ISE 1.3+
Process and config:
Authorization rules
- Authorization rules would be setup first to redirect MAB to self-reg (hotspot) portal.
- 2nd line if endpoint group, then permit access
Endpoint Groups
Administration > Identity Management > Groups
- Create a different endpoint group if you don’t want to use default of GuestEndPoints
Guest Types
Guest Access > Configure > Guest Types >
- If needed create special guest type to track - call 1dayHotspotwithemail choose different endpoint group if you created another
- In ISE 1.4.1 and 2.1 you can use FromFirstLogin Guest Type as the location doesn't matter and you want account activated right away
Portal
- Create self-reg portal call it self-reg-hotspot-with-info-collection
- In “Self-Registration Page Settings” uncheck all options you don’t want displayed except for email address
- Location - if more than 1 you will need to allow this to be displayed (in ISE 1.4.1 or 2.1 you are using FFL location is not relevant in this example
- SMS and Email options for notification - uncheck as not using any notification
- After registration submission, direct guest to Success page
- In “Self-Registration Success Settings”
- In ISE 1.3/1.4 due to bug you need to leave on ”first name" and "reason for visit"
- Uncheck everything except username/password/email address
- Choose Allow guests to log in directly from the Self-Reg Success Page
- In Acceptable Use Policy (AUP) Page Settings uncheck ‘Include an AUP page’ unless you want it
- Post Login Banner Page
- uncheck includes a post login
- Authentication Success Settings
- Click Save
- Click Portal Page Customization
- Under Login page Optional content 2 window
- Toggle HTML Source Button
- Paste this script - this bypasses login page and goes direct to self-reg for info collection
Check out this NEW SCRIPT - 5/30/19
--------------
It auto clicks and goes on to SelfRegistration.action?from=LOGIN (second last line).
However, for some reason, the portal test URL is loaded again (last line), and loads as a blank page, since the page CSS is set to display:None.
This was reproducible on 2.3, 2.3p5, 2.3p6 and 2.4p6.
It is only reproducible on Google Chrome and seems to work fine in Firefox on all releases.
After playing around with JQuery a bit, I was able to find something that works on Chrome reliably:
NEW SCRIPT - 5/30/19
----------
<script>
jQuery('#page-login').css('display','none');
$(document).ready(setTimeout(function(){
$('#ui_login_self_reg_button').trigger('click');
},100));
</script>
ORIGINAL
---------
<script>
jQuery(function(){
jQuery('#page-login').css('display','none');
jQuery('#ui_login_self_reg_button').click();
return;
});
</script>
- Self Registration Success - hide the results (credentials) as not used and click login automatically
- Toggle HTML Source
- paste to optional content 2:
<script>
jQuery('#page-self-registration-results').hide();
jQuery('#ui_self_reg_results_submit_button').trigger('click');
</script>
