06-30-2021 11:02 AM - edited 07-02-2021 09:37 PM
We are having an issue where the guest portal is not bringing up the redirect page for authentication. We are using a Cisco WLC 5500 and use ISE version2.4.0.357 patch 8,11. On this issue, the AP in question is part of a flexconnect group with other APs for the site. ALl the other APs in this flex connect group can connect fine and get the proper redirect page. On the AP in question, all other SSIDs work as well, they are wpa2. This particular SSID is our guest network and uses a guest portal for auth. I was reading online that sometimes the AP does not pull all the correct files, but how can I access the command line of the AP to verify? I would also like to debug the controller for this particular session but dont know what debug would let me see this interaction of client and AP of getting a blank redirect page. I cant seem to telnet or ssh in. Any help or guidance on what to troubleshoot would be greatly appreciated.
07-01-2021 03:53 AM
>>> I cant seem to telnet or ssh in <<<
you mean the controller ? or the access point ?
if the access point then you need to enable this from the controller (disabled by default)
- create an local account to be used on the access points
- Configuring Telnet and SSH for APs (GUI) (NB! telnet is not supported on Cisco Wave 2 and 802.11ax APs.)
Choose Wireless > Access Points > Global Configuration.
In the Global Telnet SSH area, check or uncheck Telnet and SSH check boxes.
07-01-2021 09:06 AM
Have you tried to reload the AP in question?
Does it have correct lan access to the guest-access VLAN? This is important if you use Flexconnect Local-Switching.
07-06-2021 05:04 AM
For the redirect to work in FlexConnect mode, the ACL needs to be pushed from the WLC to the AP. If the AP isn't in the correct FlexConnect group the ACL may not be being applied. You can check on the AP by using the show ip access-lists command at the AP CLI.
If the ACL is present on the AP, check the VLANs allowed and the native VLAN ID set on the switchport.
07-06-2021 10:53 AM
Thanks for the reply. Yes I have figured out how to ssh in thank you @pieterh.
@patoberli Yes I have tried resetting the AP. I just might disconnect it and reset up.
@craig.beck Thanks. I will verify that as well. I think since it is in the same group and receiving the same vlans as as the other APs in the building that are not having any issues. But I did verify the switchports are configured correctly.
03-06-2024 08:30 AM
Hello,
Have you found the solution? We have a customer where we have the exact same issue. The clients received the redirect URL based on the WLC, but the redirect page is not showing up.
03-14-2024 09:32 AM
I believe this was a bug with our 2702 APs. Once we swapped them out to new Aps it seemed to work
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide