
WLC 5508 Web Authentication Features

ALIAOF_
Level 6

Trying to configure the guest access however I'm not liking the web authentication features that are available, I must be missing something.  Here is what I want to accomplish:

1- Users connect to the wireless network using WPA 2 (Which I have configured and works fine)

2- Next users try to go online and get presented with the Captive Portal page (Which also works ok)

3- I want users to now input their First Name, Last Name, Phone Number and E Mail, click submit and then go online

4- So far the only thing I have noticed is under "Layer 3 Security" where I can check the box for "Input E Mail" but can I customize that more requesting more information from the user to input before going online?

5- Also will the WLC record that information so we have a record of who logged in and such....?


Federico Ziliotto
Cisco Employee

Hi Mohammad,

Configuring the web authentication with all the authentication fields that you are mentioning cannot be done with the 5508 on its own.

To base your web authentication on something more than username/password (or just email), you would need to use an external web authentication server that could authenticate your users based on different parameters.
Also, the Cisco NAC Guest Server might be something you could consider for additional web authentication features:
http://www.cisco.com/en/US/partner/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd806e98c9.html

For what concerns the records of your logged in users (present and past), a scalable solution would be through Radius accounting towards a Radius server (also available in the NAC Guest Server).

Hope this helps,

Fede

--
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

Thank you for the reply. I checked out the product link you specified but there are two problems with that: 1- Cost of course 2- It still requires someone to manually create the guest accounts.  I deployed another product at my old job and the captive portal had an option where we created a simple page that required user to input those fields, we simply uploaded that page on the Management device and that is it.

So even if I use an external server, which I have no problem using, I'm trying to figure out how to pass the provisioning of that user back to WLC so it will send them out on the net once they hit submit?

Thank you Mohammad,

The login page from the external web server takes the user credentials and sends them back to the internal WLC web server.

These are then either checked against an internal database, or they are used to authenticate the user through an external Radius server (that could eventually check the credentials against an external database).

The key point to keep in mind is that we can authenticate a user only based on two parameters: user name and password.

It is not possible to authenticate a user based on his first name, family name, email, address, etc. because this would require a specific database.

By relying on user name and password only, we are able to check the user's credentials against many types of external databases (checked by the Radius server), such as LDAP, AD, etc.

Regards,

Fede


That makes sense but we want the deployment to be secure yet automated so when guests need to connect they can just connect yet if we need to find out who connected we can easily find out.  For instance if I require a user to input the email only they can just type in anything they like such as "none@none.com".  We need something more reliable and solid.  I found a pretty good product called Aptilo which has multiple ways to register and one of them is via SMS.  Which sounds good because this way they can't provide us with the fake number if they need to use the internet they will have to provide the real number and then access code will be sent to them.  However I am not sure how much that product costs I am going to check into that.

Another link I found was using Microsoft's WPS deployment, I'm checking into that too as we already have a Microsoft Infrastructure in place, but if you can think of any other product especially open source that would be great.

Sure Mohammad,

If you'd like guest credentials to be sent to the user via SMS, then the Cisco NAC Guest Server can do that too:

http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_custom.html#wp1068343

Regards,

Fede

Thank you, now that is perfect, however it still requires someone to manually enter the info and then email it to the guest user, do you know if this can be automated so the guest user can go through the process on his own?

Hi Mohammad,

For such a requirement, you may wanna look into the Self Service and Auto Login page of the NAC Guest Server:
http://www.cisco.com/en/US/docs/security/nac/guestserver/configuration_guide/20/g_hotspots.html#wp1094277

In this way the user should be able to create its own credentials and to have them sent via SMS to the phone number he specifies.
As a general good practice, I'd suggest a proof of concept lab setup to verify that products are covering exactly what you'd like to implement ;-)

Regards,

Fede
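
The self-service flow discussed in this thread, as an added example that is not part of any post and not NAC Guest Server code: the guest's identity fields are stored, a user name and password are minted for delivery by SMS, and the login check uses user name and password only. The function names, the in-memory `GUESTS` store (standing in for the database behind the Radius server), the eight-hour lifetime and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac
import secrets
import time

GUESTS = {}  # username -> record; hypothetical stand-in for the Radius back-end database


def _hash(password, salt):
    # Store a slow salted hash, never the clear-text guest password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def register_guest(first, last, phone, email, now=None, ttl=8 * 3600):
    """Self-service step: keep the identity fields, mint user name and password."""
    now = time.time() if now is None else now
    if not all(s.strip() for s in (first, last, phone, email)):
        raise ValueError("first name, last name, phone and email are all required")
    username = "guest-" + secrets.token_hex(3)
    password = secrets.token_urlsafe(9)
    salt = secrets.token_bytes(16)
    GUESTS[username] = {
        "first": first, "last": last, "phone": phone, "email": email,
        "salt": salt, "pw_hash": _hash(password, salt), "expires": now + ttl,
    }
    # Returned only so the caller can send it by SMS to `phone`; a made-up
    # number never receives the password, so that guest cannot log in.
    return username, password


def authenticate(username, password, now=None):
    """Login check: user name and password only, as on the web-auth page."""
    now = time.time() if now is None else now
    rec = GUESTS.get(username)
    if rec is None or now >= rec["expires"]:
        return False
    return hmac.compare_digest(_hash(password, rec["salt"]), rec["pw_hash"])


def who_was(username):
    """Audit lookup: map a user name seen in accounting records to the person."""
    rec = GUESTS.get(username)
    if rec is None:
        return None
    return rec["first"], rec["last"], rec["phone"], rec["email"]
```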



Oh that is perfect exactly what I am looking for.  Now I just gotta find out how much it costs.  Thank you for your time and help.

Glad that this helped you Mohammad.

Feel free to ping us back in case you need other clarification on wireless or NAC in the future ;-)

Regards,

Fede


Absolutely by the way I checked the pricing on the Cisco Guest NAC appliance and it is like around $15K, so I'm looking at a couple of other solutions too.
