WLC 4400 web authentication DNS queries are sent from the management interface.
Before authentication, a web authentication client's Domain Name Server (DNS) queries go out over the management port on the 4400, instead of going out over the client's dynamic interface.
This issue is documented in Cisco bug ID CSCsc68105 - 4400 Web Auth DNS queries are being sent from the mgmt interface.
The login page should pop up when a wireless client opens a browser and puts in the URL for the desired page. The URL must contain a site name that has to be DNS resolved, since the DNS resolution is what triggers the re-direction to the login page, either on the controller or on an external server. If the client has a homepage that requires DNS resolution in the browser, as soon as the browser is opened, that DNS resolution triggers the redirect, making it appear seamless.
The workaround is to make sure that the management interface has routes to and from the DNS server. The controller handles routing between the management interface and the dynamic interface the guest WLAN is bound to on its own.
The upgrade can be done through the Graphical User Interface (GUI) or the Command Line Interface (CLI), as shown:-
transfer download serverip
transfer download filename
transfer download datatype code
transfer download path /
transfer download start
This issue is first found in version 3.1(59.24) and is first fixed in version 4.0(155).
4400 Web Auth DNS queries are being sent from the mgmt interface - CSCsc68105
Before authentication, a web auth client's DNS queries go out over the management port on the 4400, instead of going out over the client's dynamic interface.
Workaround: ensure that the DNS server is reachable from the managment interface.
I am trying to add MSE to prime 3.2 in FIPS mode and get the error enclosed. I am following cisco documentation, enabled remote account and cisco gave passphrase but it just does not work. Any help is appreciated.
Hello.I have this issue. I connected many AIR-AP1852I-E-K9 and AIR-AP1852E-E-K9 (they need 20.9W) to different switches that provide 15.4W so I saw "PoE/Medium Power (15.4 W)" on WLC. To provide what my APs need I used a power injector but even after...
We are trying to deploy a wlan network for the clients to support for EAP-PEAP.There is no RADIUS/Active directory will be used here.In this case, can the certificate be directly installed on the cisco WLC and Cisco WLC will act as authentication ser...