
ip admission auth-proxy

Dan Ricks
Level 1

Platform:  881W

IOS: C880-DATA-UNIVERSALK9-M 15.0(1)M3

License:  I have tried both advsecurity and advipservices

Problem:  Configuring an auth-proxy redirect on successful authentication

Cisco's documentation states that when you are configuring auth-proxy, you may specify a URL to which the clients will be redirected when successfully authenticated.  The command is:

ip admission proxy http success redirect <url-string>

However, the command does not seem to exist on many of the later IOS versions.  I am also unable to find any documentation with alternate methods of sending a redirection to the client after a successful authentication.  Is this command deprecated?  Is there a more efficient method of redirecting?

Documentation I am using:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/swwebauth.html#wp1103789

Thank you,

Dan

7 Replies

Kureli Sankar
Cisco Employee

Is this what you are trying to do?

https://supportforums.cisco.com/docs/DOC-15682/

-KS

Thank you for the reply, and for the documentation.

I already have the auth-proxy + tacacs server up and running.  The user is able to authenticate without issues and the dynamic acl is applied.  So there is no problem there.

The issue I am having is when a user successfully authenticates; along with the default page that says "Authentication Successful", I would like them to be redirected to another page.  Old IOS versions allowed you to specify a redirect page on a successful authentication.  On the newer IOS code however, there is no such command.

The link you provided is an outstanding documentation source, but does not include code for that redirect I am looking for.  I am wondering if Cisco decided that a redirect is no longer necessary.

Thanks

Dan,

I do see the command in 15.x code command reference. The syntax seems slightly changed.

http://www.cisco.com/en/US/partner/docs/ios/security/command/reference/sec_i1.html#wp1043347

The following example shows how to configure custom authentication proxy web pages:

Router(config)# ip admission proxy http login page file disk1:login.htm 
Router(config)# ip admission proxy http success page file disk1:success.htm 
Router(config)# ip admission proxy http fail page file disk1:fail.htm 
Router(config)# ip admission proxy http login expired page file disk1:expired.htm 

-KS

This is what I see when I type ip admission ?

Seems like it's missing the 'ip admission proxy' command.

CISCO-881W-TOP(config)#ip admission ?
  absolute-timer      Absolute Timeout in minutes
  auth-proxy-audit    Authentication Proxy Auditing
  auth-proxy-banner   Authentication Proxy Banner
  consent-banner      Consent Banner
  event               Event to be associated with the policy
  http                Configure maximum HTTP process
  inactivity-timer    Inactivity Timeout in minutes
  init-state-timer    Init State Timeout in minutes
  max-login-attempts  Max Login attempts per user
  max-nodata-conns    Max TCP NODATA Connections
  name                Specify an Authentication/Admission Rule
  ratelimit           Session Ratelimit
  service-policy      Service Policy
  source-interface    IP Admission Source Interface
  watch-list          Watch-list

CISCO-881W-TOP(config)#ip admission

As I understand, this is not supported in the "T" train, but only on the CAT switches.

I tried 12.4(24)T3 and it wasn't available there either, so I reached out to our IOS team and found the above.

-KS

I see.  That would explain things.  Thank you for your time and efforts in helping me uncover the information I needed to find.  Thank you.

Hello,

Can anyone here help me call a URL that has an image into my consent page?

I have an HTML page in the flash of the router called consent_page.html. Here are two different methods I am using to attempt to get the logo to show up in the consent page. Any ideas how to make this part work? Everything else works.

<A HREF="http://www.officemax.com"><IMG SRC="/logo.gif" ALT="Company" WIDTH=246 HEIGHT=48></A>
<A HREF="http://www.officemax.com"><IMG SRC="http://www.officemax.com/images//header/logo.png" ALT="OfficeMax" WIDTH=246 HEIGHT=48></A>

Warning!



The web site you have tried to access may not conform to the company's Acceptable Usage Policy


If you want to continue to this website click the "Accept" button below to proceed which will give you temporary access to this website. Please note that all web access is monitored.


Free Internet Hotspot



Terms of Service Agreement



Company provides free Internet access under the condition that you agree to abide by the restrictions below.


Responsibility of Use



You are responsible for all content distributed, accessed, or viewed while connected to this service. Company is not liable for your actions while using this service.


Limitation of Liability


Company is not liable for any damages which result from your use of this service.
