I am working on a new 5520 WLC running 184.108.40.206 code. We have a WLAN using Layer 3 Passthrough for security. From my understanding, to avoid a certificate error on the browser of an end user, you could generate and upload a 3rd party certificate or you can disable WebAuth SecureWeb. My question is, will disabling WebAuth SecureWeb go against best practice and why?
By default, WLC allows low security crypto options for HTTPS negotiation to ensure backward compatibility, which are no longer considered strong enough in several scenarios. For security reasons, it is advisable to force the controller to use only strong cyphers with the high encryption command. This may cause some interoperability issues if the client connecting to HTTPS only supports legacy or limited crypto options, so it is advisable to do testing for possible issues. This is not a problem for most modern browsers and operating systems.
1. To avoid the error: either you have to use SSL certificate
2. Just change that authentication page from https to http. On the controller go to MANAGEMENT –> HTTP-HTTPS. The third item from the top is “WebAuth SecureWeb”, the options are enable or disable. Default is enable so change it to disable. You then need to go to CONTROLLER –> INTERFACES –> VIRTUAL make sure the “DNS Hostname” field is empty. The IP address does not matter, 220.127.116.11 is very common. If you change the virtual address you will need to reboot the controller.
After changing the WebAuth SecureWeb to disable and rebooting the controller your guests can access and enjoy an authentication screen without the SSL certificate error.
QuestionI have the following Air AP:Air-AP1562I-B-K9, 802.11ac outdoor access point There are three antenna cables that go from the inside cover to some soldered connections on a PCB. When removing the cover, two of the soldered antenna connections c...
QuestionHiWe have a guest access set up and was wondering what exactly are the sequence of events from connecting to SSID to being granted internet access, see below steps I'm unsure of are left blank1. connect o SSID through AP2. traffic hits Foreign WLC...
Model:C9120AXI-Q Install EWC on C9120 running with CAPWAP as shown in the attached log, but the installation fails.It looks like you're getting an error like out of storage space.Is there any good way?