Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
679
Views
0
Helpful
3
Replies

configure exceptions from Webauthentication

amadeus
Level 1
Level 1

‎12-15-2008 07:00 AM - edited ‎07-03-2021 04:53 PM

Hi,

is there a possibility to use a single SSID for guest access using primarily Webauthentication and adding exception for certain ip addresses or URL's so that a connection to e.g. cisco.com or a VPN gateway can be established without authentication but everything else needs authentication? We are using 4402 controllers with sw version 5.1.151.0.

Labels:
0 Helpful
3 Replies 3

p.blakeway
Level 1
Level 1

‎12-15-2008 01:53 PM

you should be able to use a pre-authentication ACL for this very task. iirc create an ACL in security then apply ACL in the web authetication.

0 Helpful

amadeus
Level 1
Level 1
In response to p.blakeway

‎12-16-2008 12:52 AM

i set up the follwoing ACL and applied it to the webauthentication preauthentication ACL:

(MUCWCO04) >show acl detailed "No authentication"

1 Out 192.168.11.0/255.255.255.0 213.70.140.107/255.255.255.255 Any 0-65535 0-65535 Any Permit 0

2 In 213.70.140.107/255.255.255.255 192.168.11.0/255.255.255.0 Any 0-65535 0-65535 Any Permit 0

DenyCounter : 2037

but if i try to ping 213.70.140.107 it's not working and i just see the deny counters increasing. As soon as i log in as guest user it's working fine. Is there anything wrong on the ACL?

0 Helpful

amadeus
Level 1
Level 1
In response to amadeus

‎01-05-2009 04:46 AM

i just mixed up inbound and outbound. It's working fine now.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card