cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2623
Views
0
Helpful
12
Replies
jcowtan
Beginner

bypass / remove Certificate page for Guest User WLAN authentication

When a guest user first trys to access the "guest" WLAN, they are presented with a "certificate page" before the web athentication page / login  is presented.  The WLC forces an internal redirect to https://1.1.1.1 causing the certificate page to appear.  Can this be bypassed?    I am runiing 5508 with   7.0.220.0.    

1 ACCEPTED SOLUTION

Accepted Solutions
Scott Fella
Hall of Fame Guru

DNS is broke. The wlc needs to be able to resolve the users home page. If the wlc can't resolve the home page, you will not get the webauth page.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

12 REPLIES 12

You would need to upgrade to 7.2 to be able to set the Guest page to be HTTP only.

In the version you are on, you need to compeltely disable HTTPS (management as well).

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

So I have upgraded but I cannot see where I have an option for HTTP in the Guest Login Page? 

Like Steve mentioned, if you don't planning upgrading 7.2, then you need to disable https from the management http-https setting.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Yes - understand.  But now that I have upgraded, I can not find where I have teh option to turn off HTTPS for Guest Web Page.

In the CLI type

config network web-auth secureweb disable

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Did the command work?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Still testing - seems some users are not seeing teh certificate page and others are bypassing any authentication.  We are upgrading the NCS now and will test more tomorrow.  Thanks for your input.

The others that bypassed are probably still authenticated to the wlc. You should remove them from the client list and test. NCS upgrade has no affect on this.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

So now we can not see any web page, and can not authenticate.  Smart Phone devices show "unable to load web page?"

We do get an IP address (WLC is acting as DHCP for this Guest WLAN).

There have been a few changes .... WLC is at 7.2.   WLC was moved to a new subnet and the Guest VLAN gateway placed into the DMZ.

We can ping the WLC interface for Guest as well as other Guest VLAN addresses.  The Guest VLAN is shared with other non-WLAN devices.

We we turn of web authentication - we get through to internet.

Where do I look?

Scott Fella
Hall of Fame Guru

DNS is broke. The wlc needs to be able to resolve the users home page. If the wlc can't resolve the home page, you will not get the webauth page.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

Thank you - right on the button.  Seems the DNS we had was being filtered.  Found another one and the log in page comes up with no "certification" note.

Great!

That's good news!

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Content for Community-Ad