cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
372831
Views
5
Helpful
13
Replies
Highlighted
Beginner

Cisco Wireless 1.1.1.1/login.html redirect issues

Hello

Hope you can help. with our WLC 5500 controller, once the clients get the DHCP address the page is not redirecting them to the guest portal.

What is the best way to check as to why the redirection is failing.

many thanks

Upen Desai

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

You don't need to.  The main thing if the webauth page does not appear is due to the clients homepage being https not http or dns issues.  If you remove the webauth and associate to the ssid, can you access the internet?  This will prove that dns is working okay from the guest users.  Try that first and let me know.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

View solution in original post

13 REPLIES 13
Highlighted
Hall of Fame Master

That usually points to dns. Is the home page an https, if so, the user will not get redirected. The WLC intercepts the home page when the users opens up a browser and then verifies that dns can resolve the home page. If so, the WLC pushes the WebAuth page to the user. If not, the WLC dies nothing. If your using a 3rd part certificate to get rid of the certificate error, you need to make sure the fqdn can be resolved by the dns the clients are going to use.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Highlighted

Hi

Thank you for replying, the is https, and its setup using default settings, redirected using 'Internal (Default)' option. Not using any other certs.

Can you please advise on any other ways to testing WebAuth via command line.

Highlighted

The homepage can't be https only http.  Here is a guide to help you troubleshoot:

https://supportforums.cisco.com/docs/DOC-13954

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Highlighted

Thank you Scott, i was reading this before posting.

I meant to say when the redirection use to happen the address was https://1.1.1.1/login.html

Would you suggest for such implementation to have a DNS entry that would point back to the controllers IP address.

the DHCP part of this process is working fine, just the redirect does not go anywhere.

many thanks

Highlighted

You don't need to.  The main thing if the webauth page does not appear is due to the clients homepage being https not http or dns issues.  If you remove the webauth and associate to the ssid, can you access the internet?  This will prove that dns is working okay from the guest users.  Try that first and let me know.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

View solution in original post

Highlighted

Thank you for your help on this issue.

Under Interfaces, virtual interface for 1.1.1.1

I removed the entry for DNS Host Name and set it to blank.

I test the redirect and seems to work fine.

Highlighted

Upen,

That entry in the virtual interface is if you are using a 3rd party certificate to remove the certificate error when a guest opens up a web browser. So that is why the login page was not appearing. There was no valid cert and the fqdn you entered was not resolving. Glad you got it working!

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Highlighted

Thank you Scott for sharing the workaround +5 :-)

Regards,
Vinay Sharma
Community Manager

Thanks & Regards
Highlighted

 
Highlighted

dns should resolve the initial url request then wlc hacks that packet and replace it with 1.1.1.1 instead of the resolved address to show the splash page to user, either u can use the public dns or insider dns that resolves the initial url request.

once client connected to webauth wlan and got an ip, manually type https://1.1.1.1/login.html, does it shows the cert warning and splash page after that, if not try with diff device, could be a browser issue. if it brings the page then like scott mentioned check the dns works thru nslookup.

Highlighted

Hi Upen,

As suggested by Saravanan you can directly enter the https://1.1.1.1/login.html to reach the page, as well as you can try a nslookup on one of the client connected to the SSID to make sure if youre DNS is responding to query request or not just to isolate the issue.

Thanks,

Ashish

Highlighted

 
Highlighted

Public solution Test prod Sanity

Content for Community-Ad