Web Services Packet Flow With Cisco ISE and F5 BIG-IP Load Balancer

Packet Flow of Guest Services With Cisco ISE and F5 BIG-IP as a load balancer, understanding the packet flow before moving to implementation, very important to know what we are doing and what we are implementing.

-First Step, there is a virtual server Type Standard to load balance the Radius Packets. Based on the Load Balancing Algorithm, the BIG-IP selects a Pool Member. We have a Full Proxy in action. The PSN-2 responds with an URL redirection: https://psn-2.lab.local/…../cwa through a radius access-accept packet to response to radius access-request sent by the NAD, this is the captive portal.

-Second Step, once the Guest is connected and typed any website, it receives an URL Redirection from the NAD, https://psn-2.lab.local/…../cwa. The Guest will a DNS resolution to find the IP address which is the 10.1.5.11, to allow a direct communication we need a Virtual Server Type Forwarding IP, this is a packet basis, it sends an HTTPS request and receives an HTTPS response and the portal is displayed to authenticate the guest.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s