Bundle of Web authentication on a WLAN controller integrated Catalyst 3750

We have set up a wifi zone based on a few 1131AG access points and a few Cisco 3750 integrated WLAN controllers. We are now trying to use web authentication for our comments area. No problem by defining a WLAN of COMMENTS and the associated VLAN. We have also managed to download a custom controller authentication web page.

However, when I try to display the custom page, both controllers of show me the internal default page (preview and during the phase of actual authentication).

Global web authentication settings are the following: Security--> Auth Web--> Web Login Page--> custom (downloaded).

On the controller software version is 4.2.112.0, and the page is an HTML page.

Reveal any help be appreciated.

Kind regards

Sonia

What you need to do is set internally (by default) and hit apply, then play again to custom and click on apply. You can still see the defaul if you use the preview, but if you associate the SSID and open your web browser, you should get the webauth page. I hope this helps.

Tags: Cisco Wireless

Similar Questions

  • Web authentication passthrough with input from the e-mail

    Is it possible to use a custom login.html page when web auth/passthrough is used with the input of the email? I have a requirement to have just the users to register with an e-mail address and I need to provide a custom page.

    I receive custom login pages, but I can't figure out how to make a customized with only e-mail login.html page entry.

    Any help is appreciated.

    Thank you

    Kurt

    You should also check wireless downloads. In the area where you can find the code of the controller to download, you can also find a 'Wireless LAN Controller Web authentication Bundle' containing several samples of html, including e-mail data.

    This link might work, maybe not:

    http://Tools.Cisco.com/support/downloads/go/InterfaceModuleSWT.x?mdfid=279911269&mdfLevel=model&treeName=wireless&modelname=Cisco%204404%20Wireless%20LAN%20Controller&treeMdfId=278875243

  • WLAN controller download

    Hello

    I bought a new controller (model 2500) Cisco wlan and a point of access from a provider certified Cisco. Can I register the controller on the

    Site Web of Cisco to enable access download software associated with this controller? I want to download the latest version of the software "AIR-CTVM-K9-8-0-100-0.aes".

    but I'm not allowed according to my profile.

    So, how can I access the latest version of the software for my 2500 WLAN controller?

    Concerning

    Gideon

     Can I register the controller on the Cisco website to enable access to download software related to this controller?

    Yes and no.

    The quick answer is no. your authorized reseller of Cisco should be able to "join" the serial number of your WLC in your Service Agreement and your Service agreement is attached to your CCO login.

    If you go direct to Cisco, it will take time to get to the bottom of the details, you need to provide a lot of information so it's best to get your Cisco reseller to contact them.

  • WLC (foreign-anchor), problem with external web authentication-> ISE

    Hello guys

    I am designing a platform for a network of comments, which must be isolated from the LAN, the following facilities:

    • ISE 1.2 (SNS-3415-K9 Cisco)
    • WLC 7.0.230.0 (Cisco 5508 controller)---> foreign wlc
    • WLC 7.0.230.0 (Cisco 5508 controller)---> wlc anchor.

    The PAES tunnel between wlc is successfully completed.

    The wireless client gets the IP address of the anchor wlc (DHCP server).

    Test 1:

    I have set up the ANCHOR WLC with local web authentication (internal), the wireless client is authenticated by WLC and successfully navigate.

    Test 2:

    Configure the authentication web external anchor (ISE) WLC. Configure a user to the portal comments ISE.

    The wireless client gets the IP address of the anchor wlc (DHCP server), attempting to engage not display comments portal.

    Debugging a wireless client, try to connect to the guest network is attached.

    That's right... they have a version of code required minimum supported for this.

    Thank you

    Scott

    Help others using the system of rating and marking answers questions like "answered."

  • Assignment of VLAN dynamic of the Web authentication

    In a firmware WLC 4402 v.5.2.157 is possible to assign users to one VLAN dynamic based on the RADIUS response received from ACS?

    Yes and no. You can do for a WLAN 802.1 x internal, that the customer does not get an IP address, until they have completed the authentication process. To do this, you use 64/65/81, 64 802, 65 VLAN and to 81 use the name of the interface, not the number VLAN. you will also need to make sure you have AAA Overrided activated under the WLAN.

    If, as is said for Web authentication, the answer is no. The client has an IP address before being validated by the AAA server.

    HTH,

    Steve

  • Independent WAP Web authentication?

    Is it possible to do the redirection of web authentication using 1131 s independent or that the function is available with WLAN controllers?

    Hello

    Authentication on the Web is only a solution for a unified environment (WLC). Autonomous aPs cannot perform this function.

    -Patrick Croak

    TAC wireless

  • Activation of RADIUS Auth/Acct on WLAN controller 4402

    Hi all

    Just need to activate authentication RADIUS and accounting on Cisco 4402 WLAN controller, so this controller WLAN what admins can be authenticated through a RADIUS server.

    I want to assure you that I could connect via the console or the local user account, if the RADIUS auth/acct on WLAN controller does not work for some reason any. I don't want me locked out if RADIUS auth/acct does not work.

    I have set up RDIUS for switches cisco 3750 and works very well.

    any suggestions please.

    Thank you very much.

    Keita.

    You must set the order

    Security > priority > user management

    Network user is for wireless authentication.

    ~ BR
    Jatin kone

    * Does the rate of useful messages *.

  • Web authentication Catalyst 2960

    Hello

    I am trying to configure Web authentication relief on a catalyst 2960 switch. The goal is to authenticate customers via web authentication that are consistent (the part of 802. 1 x works fine) not 802. 1 x and allow them access to the network. The problem is that the web authentication seems to fail.

    The equipment about my question: switch catalyst 2960 (version: 122 - 37.SE) and a FreeRadius.

    Here's what happens:

    The authentication window will appear in my browser and the access request is sent to the RADIUS.

    The term RADIUS replies with an Access-Accept. Debugging running on the switch show that all this information is coming properly authentication and switch outputs debug a 'status = PASS' and permission to debug outputs a 'status = PASS_ADD'. Despite this the browser on the client generates a message "authentication failure".

    I have read the manual and the Cisco attribute value pairs are mentioned: ' priv-lvl = 15' and «proxyacl...»» ». They are required to make it work? Given that I'm not setting up any authentication switch connection via RADIUS.

    Any suggestions?

    Thanks in advance

    Yes, they are mandatory.

    If priv-lvl = 15 is not returned to the switch, the user will see? Authentication failed? and the access list will not apply. If the source in the statements of proxyacl field is not? everything? or there are other errors of syntax, the user will see? Successful authentication? but the access list will not apply and the user will be denied access to the network.

    Not sure about the configuration of specific FreeRADIUS, but you need to set up the? [026\009\001] Cisco av pair VSA. It should look like:

    Priv-lvl = 15

    proxyacl #10 = ip permit a whole

    Let me know if this lets you squared

  • WLAN controller redundancy

    What is the method to provide redundancy to the WLAN controller

    the function?

    The unified access point allows a backup controller WLAN? In this case, the configuration of the two controllers is automatically synchronized?

    Hi Andres,

    The world of WLC is how an AP is covered in case of failure of a WLC. It is not without some "down time" in case of failure, but two controllers are active. You must keep in mind that the AP cannot be certified a WLC both so it of the best you can do when a WLC fails AP then must re - register with the backup, it is not a process completely seamless.

    This has some really good info;

    WLAN controllers to access tipping points light Configuration example

    http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a008064a294.shtml#C4

    For more recent versions of release WLC (there are also)

    Controller LAN wireless and lightweight external Tipping Points access the sample Configuration of mobility group

    http://www.Cisco.com/en/us/Tech/tk722/tk809/technologies_configuration_example09186a00809817ca.shtml

    See you soon!

    Rob

    Thank you to support CSC helps Haiti

    https://supportforums.Cisco.com/docs/doc-8895

    https://supportforums.Cisco.com/docs/doc-8727

  • Inconsistent WLAN controller with AP 'AIR-LAP1142N-E-K9.

    Hi all

    We have awireless LAN Controller "Cisco 4402 with software version 3.2.150.10" we use the Access Point 'AIR-LAP1242AG-E' and his works fine, we bought the new APs with the model "AIR-LAP1142N-E-K9" but its not working with our controller and restart continuously. I connected the console and checked the logs from the console that is given below. Please let me know is this controller WLAN is compatible with the APs new or not, or do I need to upgrade the operating system of the LAN Controller and if I upgrade the operating system of the WLAN controller it will support the old APs or not.

    Thank you in advance for your response and support.

    32K bytes memory simulated by flash not volatile configuration.
    Basic Ethernet MAC address: C4:7 D: 4F:3 A: 9E:D0
    Part number: 73-11451-08
    Kit numbered PCA: 800-30554-06
    Revision number of PCA: A0
    Serial number of PCB: FOC14080B1U
    Top Assembly part number: 800-31273-04
    Top of page the Assembly serial number: FCZ1414W1X5
    Top of page revision number: A0
    Product/model number: AIR-LAP1142N-E-K9
    % Please first set a domain name.

    Press RETURN to get started!

    * 00:00:06.561 Mar 1: * CRASH_LOG = YES
    MAC Ethernet address of base: C4:7 D: 4F:3 A: 9E:D0

    * 00:00:06.749 Mar 1: % LWAPP-3-CLIENTEVENTLOG: reading and initialized event AP log (contains 82 messages)

    * 00:00:08.794 Mar 1: % LINK-3-UPDOWN: Interface GigabitEthernet0, changed State to
    * 00:00:08.810 Mar 1: % SYS-5-RESTART: System restarted.
    Software Cisco IOS, C1140 Software (C1140-RCVK9W8-M), Version 12.4 JA (21 a), RELEASE SOFTWARE (fc1)
    Technical support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2009 by Cisco Systems, Inc.
    Updated Tuesday 8 June 09 16:28 by prod_rel_team
    * 00:12:08.010 Mar 1: % CAPWAP-5-CHANGED: CAPWAP changed state of DISCOVERY
    * 00:12:08.982 Mar 1: % LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed State to
    * 00:12:18.211 Mar 1: % ADDRESS_ASSIGN-6-DHCP: Interface GigabitEthernet0 assigned address DHCP 172.20.20.228, mask 255.255.255.0, hostname APc47d.4f3a.9ed0

    * 00:12:28.972 Mar 1: % CDP_PD-2-POWER_LOW: all disabled radios - WS-C3560G-48PS NEGOTIATED (0026.98a6.2786)
    Translate "CISCO-CAPWAP-CONTROLLER"... the domain server (192.151.106.8) (192.151.106.6)

    Translate "CISCO-LWAPP-CONTROLLER"... the domain server (192.151.106.8) (192.151.106.6)

    * 00:12:37.968 Mar 1: % 3-CAPWAP-ERRORLOG: did not get the server DHCP server log settings.
    * 00:12:37.971 Mar 1: % 3-CAPWAP-ERRORLOG: could not resolve CISCO-CAPWAP-CONTROLLER
    * 00:12:37.973 Mar 1: % 3-CAPWAP-ERRORLOG: could not resolve CISCO-LWAPP-CONTROLLER
    * 00:12:47.974 Mar 1: % 3-CAPWAP-ERRORLOG: go join a lwapp controller
    * 00:12:47.974 Mar 1: % LWAPP-3-CLIENTERRORLOG: put AddressCalled of Transport
    Writing of the
    * 00:12:47.981 Mar 1: % LWAPP-5-CHANGED: CAPWAP changed State to ADHERE
    * Jun 29 16:32:00.616: % SYS-4-PUPDATECLOCK: periodic update clock with ROMMON failed because size left in ROMMON (4294967295), large (29), error code (- 1).
    * Jun 29 16:32:00.616: % SYS-5-RELOAD: reload LWAPP CUSTOMER the request. Reason for charging: CONTROLLER INCOMPATIBLE VERSION.
    * Jun 29 16:32:00.616: % LWAPP-5-CHANGED: CAPWAP changed state at the bottom of the event log in NVRAM...

    using the values from the eeprom

    WRDTR, CLKTR: 0 X 86000800 0X40000000
    RQDC, RFDC: 0X8000003B 0X0000020F

    init done DDR

    IOS Bootloader - start System.
    XMODEM file system is available.

    DDR used values of the system serial eeprom.
    WRDTR, CLKTR: 0 X 86000800, 0 X 40000000
    RQDC, RFDC: 0X8000003B, 0X0000020F

    PCIE0: the connection is established.
    PCIE0: VC0 is active
    PCIE1: the connection is established.
    PCIE1: VC0 is active
    PCIEx: initialization done
    flashfs [0]: 5 files, 2 folders
    flashfs [0]: 0 orphaned files, orphaned directories 0
    flashfs [0]: Total number of bytes: 32385024
    flashfs [0]: bytes used: 2271744
    flashfs [0]: available bytes: 30113280
    flashfs [0]: flashfs fsck took 16 seconds.
    The system eeprom read cookie series... Fact
    MAC Ethernet address of base: c4:7 d: 4f:3's: 9e:d0
    Ethernet speed is 1000 MB - FULL duplex
    Loading "flash:/c1140-rcvk9w8-mx/c1140-rcvk9w8-mx"...#######################################################################################################################################################################################################################

    File "flash: / c1140-rcvk9w8-mx/c1140-rcvk9w8-mx" unzipped and installed, point of entry: 0x4000
    execution of...
    ENET stopped

    If you have login valid ORC, go to Support > download software > > Cisco Wireless LAN Controller 4402 Wireless > Wireless LAN Controller Software

    Release notes for the controllers wireless LAN Cisco and Points of light access for version 7.0.98.0

    http://www.Cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html

    Upgrading to a new version of the software

    http://www.Cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html#wp472449

    Remember messages useful rate.  Thank you.

  • Ie9 beta does not have the web authentication

    Hello

    / * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-margin : 0 cm ; mso-para-marge-bottom : .0001pt ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-fareast-font-family : SimSun ; mso-fareast-theme-font : minor-fareast ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : Arial ; mso-bidi-theme-font : minor-bidi ;}

    I have a question:

    We had a user who defines the Cisco web-authentuicated WiFi SSID as network Public in the firewall of Windows 7 and when he tried to connect to WiFi, it appears a troubleshooting page and said: "Connection to Web pages are currently redirected to a different Web page."  It uses IE9 beta.  Most likely the browser it's a MiTM attack.

    Apart from declaring (SSID) network as a private network secure, y at - there another solution?

    Our goal is to get the users (which come from major conferences) on the network without them having to change a lot of things on their laptops. They would be naturally defined as a Public network.

    Thank you

    Suman

    The concept of web authentication IS a man in the Middle somehow attack... And IE9 is not a browser supported either.

    I don't know what makes IE cause this error exactly well. You have a DNS host name and the certificate on your webauth?

    Nicolas

  • The web authentication.

    I want to configure a switch for IEEE 802 authentication port. 1 x with web authentication as a means of rescue.

    Can anyone provide an example of a valid configuration?

    Only web authentication does not work!

    Switch #sh run

    Building configuration...

    Current configuration: 3012 bytes

    !

    version 12.2

    no service button

    horodateurs service debug uptime

    Log service timestamps uptime

    no password encryption service

    !

    Switch host name

    !

    !

    AAA new-model

    Group AAA authentication login default RADIUS

    connection of line-con AAA authentication, no

    Group AAA dot1x default authentication RADIUS

    Group AAA authorization auth-proxy default RADIUS

    !

    AAA - the id of the joint session

    switch 1 supply ws-c3750 - 48P

    mtu 1500 routing system

    IP subnet zero

    IP - cisco.com domain name

    property intellectual admission name rule1 http proxy

    !

    !

    !

    !

    control-dot1x system-auth

    !

    !

    !

    !

    !

    !

    Profile relief aid

    IP access-group Policy1 in

    rule1 admission IP

    !

    pvst spanning-tree mode

    spanning tree extend id-system

    !

    internal allocation policy of VLAN ascendant

    !

    !

    !

    !

    interface FastEthernet1/0/1

    switchport access vlan 142

    switchport mode access

    !

    interface FastEthernet1/0/47

    switchport access vlan 142

    switchport mode access

    dot1x EAP authenticator

    self control-port dot1x

    relief aid dot1x

    !

    interface Vlan1

    no ip address

    Shutdown

    !

    interface Vlan142

    IP 10.1.254.1 255.255.255.0

    !

    IP classless

    !

    peche1 extended IP access list

    allow udp any any eq bootps

    deny ip any any newspaper

    !

    Server RADIUS attribute 8 include-in-access-req

    secret key of acct-port 1645 auth-10.1.254.187 - RADIUS server host port 1646

    Server RADIUS ports source-1645-1646

    RADIUS vsa server send authentication

    !

    control plan

    !

    !

    Line con 0

    line vty 5 15

    !

    end

    Try adding this:

    analysis of IP device

    In addition, if you want your users to web-auth to use DNS to resolve URLS, you probably want to add something like this to Policy1:

    allow udp any any eq field

    Don't forget that you need to wait until the 802. 1 X times out (90 seconds by default) for Web-Auth to kick.

    Shelly

  • Web authentication WISN and COMMENTS

    I have a WISN and we use open web Cisco

    authentication with a user's e-mail address.

    When executing this CLI command:

    > config network secureweb disable

    > save config

    > the system

    This will make the web authentication come HTTP instead of HTTPS?

    This command is for managing the unit.

    However it used to be a workaround when you disable HTTPS and SSH and you restart the WLC web authentication will be displayed as http and not https.

    Let me know if it works for you

  • 2112 WLan controller and Point of access LAP1042n issue

    Hello

    I recently bought a 2112 a Wlan controller a number of LAP1042n Ap of the AP will not join the command and the message I get in the console of the AP, it is that the AIR-WLC2100-K9-6-0-199-4.aes firmware does not support this model?  Can someone please verify that this is the case?

    Firmware AIR-WLC2100-K9-7-0-98-0.aes to overcome this problem?

    Thanks in advance

    David

    Yes, 7.0 doesn't suppoert he...

    CHECK THE RELEASE NOTES for more details...

    http://www.Cisco.com/en/us/docs/wireless/controller/release/notes/crn7.0.html

  • Autonomous AP's web authentication

    Hi, I would like to know if it is possible to make comments of web authentication to the single autonomous access point?

    I've done web authentication for comments on the WLC with lwapp AP successfully.

    Please notify

    Sent by Cisco Support technique iPhone App

    Hello

    It is notsupported on autonomous Infrastructure... But I guess that the REDIRECTION IP can do the job, but I have not tried but!

    Let me know if this naswered your question and please remember to note the useful messages!

    Concerning

    Surendra

Maybe you are looking for