cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
384116
Views
5
Helpful
15
Replies

Cisco Wireless 1.1.1.1/login.html redirect issues

upen desai
Level 1
Level 1

Hello

Hope you can help. with our WLC 5500 controller, once the clients get the DHCP address the page is not redirecting them to the guest portal.

What is the best way to check as to why the redirection is failing.

many thanks

Upen Desai

1 Accepted Solution

Accepted Solutions

You don't need to.  The main thing if the webauth page does not appear is due to the clients homepage being https not http or dns issues.  If you remove the webauth and associate to the ssid, can you access the internet?  This will prove that dns is working okay from the guest users.  Try that first and let me know.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

View solution in original post

15 Replies 15

Scott Fella
Hall of Fame
Hall of Fame

That usually points to dns. Is the home page an https, if so, the user will not get redirected. The WLC intercepts the home page when the users opens up a browser and then verifies that dns can resolve the home page. If so, the WLC pushes the WebAuth page to the user. If not, the WLC dies nothing. If your using a 3rd part certificate to get rid of the certificate error, you need to make sure the fqdn can be resolved by the dns the clients are going to use.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hi

Thank you for replying, the is https, and its setup using default settings, redirected using 'Internal (Default)' option. Not using any other certs.

Can you please advise on any other ways to testing WebAuth via command line.

The homepage can't be https only http.  Here is a guide to help you troubleshoot:

https://supportforums.cisco.com/docs/DOC-13954

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Thank you Scott, i was reading this before posting.

I meant to say when the redirection use to happen the address was https://1.1.1.1/login.html

Would you suggest for such implementation to have a DNS entry that would point back to the controllers IP address.

the DHCP part of this process is working fine, just the redirect does not go anywhere.

many thanks

You don't need to.  The main thing if the webauth page does not appear is due to the clients homepage being https not http or dns issues.  If you remove the webauth and associate to the ssid, can you access the internet?  This will prove that dns is working okay from the guest users.  Try that first and let me know.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Thank you for your help on this issue.

Under Interfaces, virtual interface for 1.1.1.1

I removed the entry for DNS Host Name and set it to blank.

I test the redirect and seems to work fine.

Upen,

That entry in the virtual interface is if you are using a 3rd party certificate to remove the certificate error when a guest opens up a web browser. So that is why the login page was not appearing. There was no valid cert and the fqdn you entered was not resolving. Glad you got it working!

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Thank you Scott for sharing the workaround +5 :-)

Regards,
Vinay Sharma
Community Manager

Thanks & Regards

 

dns should resolve the initial url request then wlc hacks that packet and replace it with 1.1.1.1 instead of the resolved address to show the splash page to user, either u can use the public dns or insider dns that resolves the initial url request.

once client connected to webauth wlan and got an ip, manually type https://1.1.1.1/login.html, does it shows the cert warning and splash page after that, if not try with diff device, could be a browser issue. if it brings the page then like scott mentioned check the dns works thru nslookup.

Hi Upen,

As suggested by Saravanan you can directly enter the https://1.1.1.1/login.html to reach the page, as well as you can try a nslookup on one of the client connected to the SSID to make sure if youre DNS is responding to query request or not just to isolate the issue.

Thanks,

Ashish

 

Public solution Test prod Sanity

Test Comment

Review Cisco Networking for a $25 gift card