Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1294
Views
0
Helpful
7
Replies

Guest SSID web auth issue

a_naipaul
Level 1
Level 1

‎10-17-2019 06:20 AM - edited ‎07-05-2021 11:09 AM

Hi guys,

 

If possible, please could I have your assistance.

 

We currently have Access Points which are in flex connect mode and are split across 2 x Wireless controllers (5508) – The APs are in high availability mode and will fail over to the secondary controller in the event of failure to the primary – Please note the controllers are located in different geographic regions.

 

An issue has occurred with the primary controller and the APs have failed over to the secondary – I have checked the controller and can see they are now located on the secondary. However, for a specific SSID which is a guest network, users are not able to login to this.

 

The guest network utilises web auth with a splash page login – I can confirm that the SSID works because I can login to it, however, my aps have not had to failover as the secondary controller is my sites primary.

 

I was wondering if there could be a case that the users are being redirected to the primary “failed” controller, as opposed to being redirected to the splash page on the secondary controller – which is why they are not able to login….

 

Please let me know if that could be a possibility or if it that cannot happen… any help will be appreciated!

Labels:
0 Helpful
7 Replies 7

patoberli
VIP Alumni
VIP Alumni

‎10-17-2019 08:31 AM

Do you maybe not use the same VLAN for your local guest-side compared to the remote guest side?
Depending on your configuration (Flexconnect, Local, SSID, …) that might be an issue.
0 Helpful

a_naipaul
Level 1
Level 1
In response to patoberli

‎10-17-2019 08:35 AM

Hi,

 

Thank you for the reply – The APs are built in flex connect mode, so the local vlans are not dependent on which controller they are connected to.

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to a_naipaul

‎10-17-2019 08:43 AM

In that case I suggest you check the flex group for that ssid if everything is correct.
Do the clients get a valid ip address?
0 Helpful

a_naipaul
Level 1
Level 1
In response to patoberli

‎10-17-2019 08:49 AM

Hi,

 

From doing a sanity check on the controller, the flex connect groups look ok to be honest.

 

The issue is that when the users are looking to connect to the guest URL, they are redirected to the splash page - Once they try to logon to the splash page using valid guest credentials, the web page spins goes blank and just goes back to the original login splash page..

 

I was initially thinking this could be an authentication error - However, I tried the connectivity myself and the credentials worked fine. 

 

So I was thinking are they being redirected to the defective controller still? Not sure if that is possible....

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to a_naipaul

‎10-17-2019 09:39 AM

Do you use the wlc guest portal or a third party one?
0 Helpful

a_naipaul
Level 1
Level 1
In response to patoberli

‎10-17-2019 01:28 PM

The guest portal which is on the WLC, we do not use a third party one 

0 Helpful

Haydn Andrews
VIP
VIP

‎10-17-2019 01:58 PM

confirm the following are the same on both WLCs

 

WLAN Settings

WebAuth page - if using local web auth

ISE Setting if using CWA or ISE for the splash page

Flexconnect groups and VLAN mappings

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card