Which configuration is required in the Cisco ISE authentication policy to allow Central Web Authentication?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
Central Web Authentication (CWA) is a feature in Cisco Identity Services Engine (ISE) that allows users to authenticate to a network using a web-based portal. The portal prompts users to enter their credentials and then grants or denies access based on the authentication policy configured on ISE.
To allow Central Web Authentication, the authentication policy in ISE needs to be configured with the appropriate settings. Among the options given in the answers, the correct configuration for Central Web Authentication is:
B. MAB and if authentication failed, continue.
Here's why:
MAB stands for MAC Authentication Bypass. MAB is a type of authentication that allows devices to authenticate to the network using their MAC address instead of a username and password. MAB is often used for devices that don't have the capability to support 802.1X authentication, such as printers, cameras, and IoT devices.
If authentication fails, continue means that if MAB authentication fails, ISE will continue with the next authentication method in the policy. In this case, the next authentication method would be Central Web Authentication.
So, if a device that doesn't support 802.1X authentication tries to connect to the network, ISE will attempt to authenticate it using MAB. If MAB authentication fails, ISE will prompt the device to authenticate using the Central Web Authentication portal. The user will then be prompted to enter their credentials, and access will be granted or denied based on the authentication policy configured in ISE.
To summarize, the correct configuration in the Cisco ISE authentication policy to allow Central Web Authentication is:
Therefore, answer B is the correct configuration.