Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1982
Views
6
Helpful
6
Replies

Blank ISE redirect portal on certain APs

jesse.garcia11
Level 1
Level 1

‎06-30-2021 11:02 AM - edited ‎07-02-2021 09:37 PM

We are having an issue where the guest portal is not bringing up the redirect page for authentication. We are using a Cisco WLC 5500 and use ISE version2.4.0.357 patch 8,11. On this issue, the AP in question is part of a flexconnect group with other APs for the site. ALl the other APs in this flex connect group can connect fine and get the proper redirect page. On the AP in question, all other SSIDs work as well, they are wpa2. This particular SSID is our guest network and uses a guest portal for auth. I was reading online that sometimes the AP does not pull all the correct files, but how can I access the command line of the AP to verify? I would also like to debug the controller for this particular session but dont know what debug would let me see this interaction of client and AP of getting a blank redirect page.  I cant seem to telnet or ssh in. Any help or guidance on what to troubleshoot would be greatly appreciated. 

1 person had this problem
Labels:
0 Helpful
6 Replies 6

pieterh
VIP
VIP

‎07-01-2021 03:53 AM

>>> I cant seem to telnet or ssh in <<<
you mean the controller ? or the access point ?
if the access point then you need to enable this from the controller (disabled by default)
- create an local account to be used on the access points
- Configuring Telnet and SSH for APs (GUI) (NB! telnet is not supported on Cisco Wave 2 and 802.11ax APs.)

  1. Choose Wireless > Access Points > Global Configuration.

  2. In the Global Telnet SSH area, check or uncheck Telnet and SSH check boxes.

 

patoberli
VIP Alumni
VIP Alumni

‎07-01-2021 09:06 AM

Have you tried to reload the AP in question?

Does it have correct lan access to the guest-access VLAN? This is important if you use Flexconnect Local-Switching. 

0 Helpful

craig.beck
Level 1
Level 1

‎07-06-2021 05:04 AM

For the redirect to work in FlexConnect mode, the ACL needs to be pushed from the WLC to the AP. If the AP isn't in the correct FlexConnect group the ACL may not be being applied. You can check on the AP by using the show ip access-lists command at the AP CLI.

 

If the ACL is present on the AP, check the VLANs allowed and the native VLAN ID set on the switchport.

0 Helpful

jesse.garcia11
Level 1
Level 1

‎07-06-2021 10:53 AM

Thanks for the reply. Yes I have figured out how to ssh in thank you @pieterh.

@patoberli Yes I have tried resetting the AP. I just might disconnect it and reset up. 

@craig.beck Thanks. I will verify that as well. I think since it is in the same group and receiving the same vlans as as the other APs in the building that are not having any issues. But I did verify the switchports are configured correctly. 

0 Helpful

SzantaiNorbert
Level 1
Level 1

‎03-06-2024 08:30 AM

Hello,

Have you found the solution? We have a customer where we have the exact same issue. The clients received the redirect URL based on the WLC, but the redirect page is not showing up.

0 Helpful

jesse.garcia11
Level 1
Level 1
In response to SzantaiNorbert

‎03-14-2024 09:32 AM

I believe this was a bug with our 2702 APs. Once we swapped them out to new Aps it seemed to work

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card