08-30-2023 05:01 PM
We have two Cisco Catalyst 9800-L-F WLC's in HA config.
We setup a Guest wireless SSID with a custom WebConsent page.
Currently when a use accesses the SSID it takes them to a "Your connection is not private" HTTPS page.
We don't need HTTPS on our Guest SSID. Can this be changed to HTTP instead?
08-30-2023 11:02 PM
- Try : 9800#configure terminal
9800(config)#parameter-map type webauth global
....
9800(config-params-parameter-map)#secure-webauth-disable
9800(config-params-parameter-map)#webauth-http-enable
M.
08-31-2023 05:40 AM
Thanks! We will give this a try.
08-31-2023 12:02 AM
Personally i would not advise to use http for guest network - this will bring security Risk.
08-31-2023 05:39 AM
Thank you but our current WLC is configured with HTTP for the Guest SSID Consent page.
08-31-2023 06:57 AM
If you're going to use http that makes it completely insecure (anybody can sniff the unencrypted packets over the air) so what's the point of even using web-auth in that case?
Just have an open SSID that anybody can join and use without any web-auth.
If you're going to use web-auth then you should be doing it securely.
09-05-2023 10:45 AM
This is how one of our VP's wants it setup, with a splash page, a disclaimer and a consent button. This is how it was setup by previous network admins, this is the way they want it setup on the new controller. I don't make the decisions; I just make them happen.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide