cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1960
Views
0
Helpful
4
Replies

Guest Wireless portal :- URL redirection to the client is not happened

pradeepgun
Level 1
Level 1

Currently we have POC Anchor-Foreign Scenario for DMZ wireless guest accesses using portal. Once we connected to SSID then we can see the foreign WLC quickly shows the client is in the RUN state and Anchor WLC shows CENTRAL_WEB_AUTH. But still URL redirection to the client is not happened. But when we copy and paste URL from logs to client browser then it is getting correctly. I have attached the redirection ACL for both WLCs and client debugs from both side.

We are using 5760 as Foreign WLC and 5508 WLC with ISE 1.3 patch 5.

Highly appreciated any help.

 

4 Replies 4

Tarik Admani
VIP Alumni
VIP Alumni

The ACL entry can be blank on the foreign controller since the acl that is enforced is on the anchor, you have to make sure that the redirect acls that are configured on both controllers are identical as they are case sensitive.

Many thanks Tarik.

Here we are using identical ACLs in both controllers and name also same. Do we need to allow DHCP as well. I have configured ACL based on below document.

http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115732-central-web-auth-00.html

No you shouldnt have to because the CWA detection on the controller should allow dhcp and dns traffic through, in my acl that I have I only redirect the webauth port and the ip of ISE and thats all. What version of code are you running on your setup?

Thanks Tarik,

Anchor WLC is CT5508 - 7.6.130.0

Foreign WLC is 5760 - 15.2

Would you please check the attached ALCs and if it is possible share your working ACLs