Symptom
'400 bad request' error seen during BYOD flow using following settings:
ISE2.3 configured to 'allow network access' without CP policies
single SSID BYOD
User gets BYOD page, register device, however is not able to finish the flow due to the error. However, endpoint is being placed in the BYOD group and on next login, user has full access even though user hasn't finished the flow.
This flow works fine with ISE2.2.
Also, CWA flow with BYOD works fine.
Conditions
ISE2.3 configured to 'allow network access' without CP policies
single SSID BYOD
After successful device configuration take employee to: URL is configured
Workaround
1. use guest portal with BYOD settings
2. use redirect to success page on portal instead
