I have a scenario where I want the wireless guest clients to get redirected to the wguest portal through CWA policy which is hosted publicly on Cisco ISE and locally break out the internet traffic through MX internet link ? Is this possible ? I have tried to do this using CWA policy..I checked, guest machine is able to authenticated through this CWA policy & when user is trying to open any site, page is being redirected to wguest portal usr..but url is not working.Even guest machine is not able to reach out public hosted guest portal URL (XX.XX.XX.XX). Even guest's machine is unable to ping own gateway IP. tried to telnet guest portal url but traffic is not coming on our external firewall. It looks like traffic is not passing through MS/MX. Also verified the local ACL, everything is allowed on MS/MX. Also tried to check guest portal from internet, it is working fine. No issue with guest portal url.
... View more