Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2609
Views
5
Helpful
5
Replies

Autonomous AP - Web Authentication

Go to solution
ANDREA GELATI
Level 1
Level 1

‎05-22-2013 02:36 AM - edited ‎07-04-2021 12:06 AM

Hello everybody,

Can I enable a Web Authentication to an external Captive Portal for a specific SSID with autonomous AP without WLC?

I should activate an hot spot service, in order to manage guest/visitor users.

I need to integrate autonomous AP to an external Captive Portal that provides enhanced guest functionality, such as quota time and quota byte session duration, so the AP need to support http redirection for authentication and radius auth, accounting and CoA.

Thanks in advance,

Andrea

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎05-22-2013 05:54 AM

This is not really possible. Autonomous for example is not supported with ISE and CoA. The only thing that can be done is really to setup the AP to allow clients on an SSID and then push it through a captive ports appliance/software to perform the captive portal, etc.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful

Go to solution
Abhishek Abhishek
Cisco Employee
Cisco Employee

‎05-22-2013 02:32 PM

Hello Andrea,

As per your query i can suggest you the following solution-

No i think you can not enable Web Authentication to an external Captive Portal for a specific SSID with autonomous AP without WLC.

The AP does not support http redirection for authentication and radius auth, accounting and CoA.

Hope this will help you.

View solution in original post

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎05-22-2013 02:38 PM

Yes, it is possible.  Cisco used to have the BBSM and they would use that for portaling.

now, there is no 'integrated' method to do this, I think you would need to look at something like nomadix

http://www.nomadix.com/

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎05-22-2013 05:54 AM

This is not really possible. Autonomous for example is not supported with ISE and CoA. The only thing that can be done is really to setup the AP to allow clients on an SSID and then push it through a captive ports appliance/software to perform the captive portal, etc.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Abhishek Abhishek
Cisco Employee
Cisco Employee

‎05-22-2013 02:32 PM

Hello Andrea,

As per your query i can suggest you the following solution-

No i think you can not enable Web Authentication to an external Captive Portal for a specific SSID with autonomous AP without WLC.

The AP does not support http redirection for authentication and radius auth, accounting and CoA.

Hope this will help you.

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎05-22-2013 02:38 PM

Yes, it is possible.  Cisco used to have the BBSM and they would use that for portaling.

now, there is no 'integrated' method to do this, I think you would need to look at something like nomadix

http://www.nomadix.com/

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
ANDREA GELATI
Level 1
Level 1
In response to Stephen Rodriguez

‎05-25-2013 11:11 AM

Thanks for all replay.

I have more remote site with local internet access and I need to centralize and share a captive portal/auth service locate in the HQ.

I will evaluate the introdution of vitrual WLC and the AP conversion to flex deploy, in order to add rediretion function.

Thanks again for all your suggestions.

Andrea

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎05-25-2013 11:19 AM

You need to look at really your design and what functionality you want to have. Using a WLC is a good idea in general than autonomous, but you are limited in what you can do with guest and a WebAuth. Like Steve mentioned, Normadix is a thirst part solution for controlling guest access. Panera Bread and other restaurant chains use Normadix for guest access. If you just want a central web portal with no real restrictions, then using a WLC itself is your answer. Typically a good design is to have a WLC5508-12 in the DMZ and you would tunnel traffic from a foreign (internal)WLC to the anchor WLC in the DMZ.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card