Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1669
Views
0
Helpful
3
Replies

Web Authentication with External Portal Server fail to redirect

Jia Hao
Level 1
Level 1

‎07-06-2016 12:28 AM - edited ‎07-05-2021 05:22 AM

Hi,

I have set up a web authentication with the internal Portal, and it works fine.

Layer 2 security is none, Later 3 securiy is web Policy with "Authentication".

When I changed the Web Authentication Type to "External", it didn't work.

I have enabled the debug " web-auth redirect enable mac  xx:xx:xx:xx:xx:xx",  from the logs it shown "can not get the index of protal server"

And from the client's browser it shown the URL:

"http://10.75.156.50?switch_url=http://1.1.1.1/login.html&ap_mac=d8:b1:90:b2:a8:70&client_mac=7c:fa:df:88:be:87&wlan=Guest-Central&", but never shown the actual web page.

Also I have tried to disable the "WebAuth SecureWeb" and "HTTPS Redirection", after the WLC rebooting, it shown the same error.

I have tried the IPHONE and the windows 10, haven't tried the other devices yet.

Please someone tell me where am I wrong?

Error logs:

*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- str1 is now http://10.75.156.50?switch_url=http://1.1.1.1/login.html&ap_mac=d8:b1:90:b2:a8:70&client_mac=7c:fa:df:88:be:87&wlan=Guest-Central&redirect=10.75.156.50/?swit
*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- clen string is Content-Length: 661


*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- Message to be sent is
HTTP/1.1 200 OK
Location: http://10.75.156.50?switch_url=http://1.1.1.1/login.html&ap_mac=d8:b1:90:b2:a8:70&client_mac=7c:fa:df:88:be:87&wlan=Gue
*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- send data length=1146
*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- Url:http://10.75.156.50
*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- can not get the index of protal server
*webauthRedirect: Jul 06 15:27:29.515: 7c:fa:df:88:be:87- cleaning up after send

*webauthRedirect: Jul 06 15:27:29.515: 1520 - 7c:fa:df:88:be:87- closing socket= 83

2 people had this problem
Labels:
0 Helpful
3 Replies 3

Prakash Parvathala
Level 4
Level 4

‎07-06-2016 02:25 AM

Hello Jia

Please look in this configuration example once again and verify with your configuration setup .

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html

Thank you

0 Helpful

Jia Hao
Level 1
Level 1
In response to Prakash Parvathala

‎07-06-2016 06:36 AM

Hi Prakash,

Thank you for reply,

My WLC version is 8.0, so I don't have an "add web server" button, but the other is same.

And the WLC will show nothing when I set up a preauthentication ACL.(I enabled the counter, the acl hits number grows, but shown nothing from  "debug web-auth redirect enable mac xx:xx:xx:xx:xx:xx")

I'll post my config if it's necessary.

0 Helpful

Jia Hao
Level 1
Level 1
In response to Jia Hao

‎07-06-2016 08:45 PM

Here is the show wlan message

Preview file
9 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card