Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
803
Views
10
Helpful
6
Replies

Cisco vWLC and Central Web Authetication ISE Issue

Go to solution
Yuriy Dyshlevoy
Level 1
Level 1

‎04-29-2015 09:04 PM - edited ‎03-10-2019 10:42 PM

Hello!

I have an issue with Wireless Central Web Authentication. Wired CWA woking fine.

My APs woking in FlexConnect mode with local switching. When I connect to the WLAN with CWA, web page with guest portal in not opening, but I see, that redirect is working...

When I try to ping ISE, and have a strange result:

 

y@5733Z:~$ ping 10.10.2.47

PING 10.10.2.47 (10.10.2.47) 56(84) bytes of data.

64 bytes from 10.10.2.47: icmp_seq=5 ttl=63 time=1.45 ms

64 bytes from 10.10.2.47: icmp_seq=8 ttl=63 time=2.22 ms

64 bytes from 10.10.2.47: icmp_seq=10 ttl=63 time=1.43 ms

^C

--- 10.10.2.47 ping statistics ---

21 packets transmitted, 3 received, 85% packet loss, time 20106ms

rtt min/avg/max/mdev = 1.430/1.703/2.223/0.367 ms

 

When I change the security method on the WLAN to open or any other, ping to ISE working fine. Please help!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎05-04-2015 12:11 AM

Central Web Auth (CWA) works different on controllers/APs running in FlexConnect mode. Please check this guide and confirm that you have similar setup. 

http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html

If so, please post screen shots with your configs (Redirect ACLs, policies in ISE and the WLC SSD settings). 

Also, the version of code that you are running in ISE and your controller. 

 

Thank you for rating helpful posts!

View solution in original post

0 Helpful
6 Replies 6

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎05-04-2015 12:11 AM

Central Web Auth (CWA) works different on controllers/APs running in FlexConnect mode. Please check this guide and confirm that you have similar setup. 

http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html

If so, please post screen shots with your configs (Redirect ACLs, policies in ISE and the WLC SSD settings). 

Also, the version of code that you are running in ISE and your controller. 

 

Thank you for rating helpful posts!

0 Helpful

Go to solution
Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎05-25-2015 05:44 AM

this can be a issue with redirection ACL..make sure correct ACL is pushed and DNS is permitted

0 Helpful

Go to solution
Yuriy Dyshlevoy
Level 1
Level 1

‎09-08-2015 07:09 AM

The reason of this is bug CSCuo39416

https://tools.cisco.com/quickview/bug/CSCuo39416

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to Yuriy Dyshlevoy

‎09-08-2015 09:25 AM

Yuriy, thank you for following up on this thread and for posting the bug (+5 from me). Is there no resolution at this point? For instance, will upgrading to 8.x address the issue?

0 Helpful

Go to solution
Yuriy Dyshlevoy
Level 1
Level 1
In response to nspasov

‎09-08-2015 09:33 AM

Neno, I have resolved my problem by the upgrade to the 8.0.120.0 version.

Some details for this Bug:

https://tools.cisco.com/bugsearch/bug/CSCuo39416/?referring_site=bugquickviewclick

Go to solution
nspasov
Cisco Employee
Cisco Employee
In response to Yuriy Dyshlevoy

‎09-08-2015 09:37 AM

Blah, sorry about that...for some reason the bud details did not load properly when I first opened the link!

Thanks again for providing the details and for posting the bug

Now since the issue is resolved, you should mark the thread as "answered" :)

0 Helpful
Customers Also Viewed These Support Documents