topic Enable WebAuth on WLC to intercept https (or https redirection) for authentication in Wireless

Enable WebAuth on WLC to intercept https (or https redirection) for authentication

Hai Dao Tuan — Mon, 05 Jul 2021 09:27:19 GMT

Hi all

My company is using WLC with Guest access feature, and use Layer 3 security authentication to permit only Guests who provided valid user/password to access.

But we met a issue that, when guests connect to Guest SSID successful, on PC they have to open web browser and access to 1 website by http, after that WLC will intercept and redirect to authentication page.

If customer access to https (as google, gmail, ...) WLC cannot intercept and redirect to authentication. Because almost customers access to https://google.com at first by their habit.

On my firewall, I can do intercept by both http and https, so I wonder on WLC I can enable intercepting and redirecting to authentication of https also

If possible, please advice us how to enable this feature.

Regards

Hai Dao Tuan

Means you did not set any DNS

Sandeep Choudhary — Fri, 06 Feb 2015 09:36:19 GMT

Means you did not set any DNS server IP in your DHCP scope.

Try to set any public DNS entry like 8.8.8.8 (Google DNS) and try again.

Regards

Redirecting https is a new

Freerk Terpstra — Fri, 06 Feb 2015 22:11:41 GMT

Redirecting https is a new "feature" since AirOS 8.0.100, but you have to run 8.0.110 anyway because of a bug in 8.0.100. See for more information CSCar04580 and CSCur13703.

Thanks all

Hai Dao Tuan — Wed, 11 Feb 2015 02:47:37 GMT

Thanks all

I also just found a link that mentions about this case clearly and commands to enable it

https://supportforums.cisco.com/document/12398536/understanding-https-redirect-over-web-auth

(WLC)> config wlan security web-auth enable <wlan-id>
(WLC)> config network web-auth https-redirect enable