Contributor II

Re: Radius IETF redirect to a URL



Sorry about the delay in responding. Currently this is the configuration that we maintain at layer 3 level.

Should I disable this configuration to be able to do the redirect?


Thanks for your time.

Frequent Contributor I

Re: Radius IETF redirect to a URL



Do this:



- Remove the Layer 3 securiy

- Within Layer 2, enable Mac Filtering

- Then go to Advanced and set NAC to ISE (I noticed a bug where the setting will revert to none when you change AAA servers; so make sure the value is set to ISE)

- Still on Advanced, enable AAA Override.



- Set a redirect enforcement profile and set the URL address to the one you had under "Layer 3 URL"

- Set the PreAuth ACL (url-redirect-acl av pair) to CLEARPASS_INVITADOS


And it should work.


Contributor II

Re: Radius IETF redirect to a URL

Hi Ricardo.


Just a question.


Is  it possible that this does not work for me because I do not have an Onboard License?



New Contributor

Re: Radius IETF redirect to a URL

hi everyone 

i have same issue about the redirect url. i built the cisco switch and clearpass for web authentication. i set the authentication method "allow all mac auth" for the unknown mac continuing ti go to web-auth. but the switch does not receive the redirect url. 


do you have any advice? thanks





Search Airheads
Showing results for 
Search instead for 
Did you mean: