11-12-2013 08:19 AM - edited 07-04-2021 01:15 AM
On the Cisco 5508 WLC, is the guest WLAN function limited only to http/https traffic?
I want to enable users to
1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)
2. Authenticate with the local controller database
3. Use other protocols in addition to http/https
For instance: if they need to FTP a file up or down from an extranet
Is this possible to do?
Solved! Go to Solution.
11-12-2013 08:38 AM
Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.
Sent from Cisco Technical Support iPhone App
11-12-2013 08:22 AM
1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)
> you would setup an open authentication with a captive portal page in which the user can just hit accept to access the guest wireless.
2. Authenticate with the local controller database
> you can setup webauth for guest users to login using a username and password that is locally stored on the WLC.
3. Use other protocols in addition to http/https
For instance: if they need to FTP a file up or down from an extranet
Once they are authenticated, they can do whatever your network allows.
Sent from Cisco Technical Support iPhone App
11-12-2013 08:24 AM
Here are some links to review.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml
https://supportforums.cisco.com/docs/DOC-13954
Sent from Cisco Technical Support iPhone App
11-12-2013 08:35 AM
So there is not some kind of inherent limitation in regards to traffic that is defined on a guest WLAN?
In this scenario, it is very simple. I have a controller connected directly to an ASA firewall. So aside from assigning ACLs on the controller or ASA, authenticated clients will be able to do whatever they want on the Internet (in terms of ports, applications, etc.)?
11-12-2013 08:38 AM
Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.
Sent from Cisco Technical Support iPhone App
11-12-2013 08:40 AM
Great, thanks Scott
11-12-2013 08:54 AM
No problem. Just follow the doc and it should be pretty simple to setup.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide