Here is a video which explains Web authentication on Wireless lan controllers. This video starts with the basics and then discusses the details of the web authentication process.
If you are using an external web server for web authentication with a Cisco 5500 Series Controller, a Cisco 2100 Series Controller, or a controller network module, you must configure a preauthentication ACL on the WLAN for the external web server.
Normally, no traffic from the user is allowed to pass through the WLC until the client authenticates successfully with the WLC. With pre-authentication ACL, as the name implies, you can allow client traffic to and from a specific IP address even before the client authenticates. This helps to forward the client traffic to the External Web Authentication server (external to the WLC network), which is used to authenticate the user in the web authentication process.
Thanks Rajesh for the slideshow video. The web authentication configuration seems pretty straighforward as you mentioned in the video. But I think it could be helpful to describe the LAN set; router, switch configurations when setting up guest vlans for WIRED guest services as well. I have a situation where I want to deploy a pair of 4404 controllers as a anchor for about 20 remote locations. BUT at the remote locations need wired guest services. I have currently deployed Bluesocket devices at the remote facilities and want to shut them down and run only WLCs. Thanks again and just thought others might want to see more detail like this on the wired setup.
What if you are doing web-passthrough ? Is the ACL still allowing pre-auth clients to access allowed hosts?. I ask because currently we are having an issue were connected clients ( using a web pass-through wlan policy) , if they have the local web page as home , it is not redirecting to the validation web page , unless they open a different web page , then after they click accept , they are able to go to any web site.
Im looking for the "Web Authentication on Cisco Wireless LAN Controllers (WLCs)" video but I cant find it. I only see Rajesh saying "hi" 5 seconds. Can someone please provide me the link of the example video?
Hello,I have 3 WLAN with QoS configured by metal policy : - Main network : Gold - SoftPhone network : Silver - Guest network : BronzeI want to configure QoS on VoIP traffic with platinum policy (SoftPhone network), but the rest of the traff...
view more
Hi all,When I "apply" the AP 803's web setting the web page will occur error 404.The version of AP 803 is 15.3(3)JKI have been try to use the Browser:Chrome、Edge、Firefox , and also try the older version of the browserStill doesn't work!!How do I fix ...
view more
wlc 5502 version is 8.5.161.6i have a ssid use by macos device,and disable loadbalance and 802.11rthe ssid use 802.1x authentication with windows 2012r2 nps service(radius)but apple device untimely disconnect,windows device is no problemi open a ssid...
view more
Hi, I would like to setup a Palo Alto firewall between cisco WLC and APs to control some traffic. Anyone can share some idea for this? or send link in order to know what I need to pay attention to? Thank you very much.
If you are using UNII-2 Ext channels, is there a way to get DFS notices in the WLC log? I thought they showed up there by default, but I just found DFS pauses in the logs on several APs, and there was nothing in the WLC log about it. I've logg...
view more
