Re: Need my custom webauth page displayed with HTTP instead of H

npritchett · ‎02-01-2007

I have a custom webauth page installed that I am using with web passthrough authentication on my WLC2006 in order to put up a acceptable use policy page.

The WLC uses HTTPS to display this which causes a security certificate warning to appear if I go with the WLC's own self-signed certificate. Is there a way I can get the WLC to use plain HTTP to display this page instead so I can eliminate the warning?

I have already tried installing a trusted 3rd party certificate on the WLC, but I have this very strange problem where mucking with the WLC's web authentication certificate in any manner causes all network activity on the WLC to break except for CDP and ARP, essentially leaving the WLC dead. Three weeks of troubleshooting with Cisco TAC has yielded no progress on that front so now I am trying to bypass the need for a security certificate altogether since I really don't need to encrypt my acceptable use policy page.

cuevas · ‎02-01-2007

I've run into a similar problem, and TAC couldn't assist. Pretty much they said it was a code issue.

My question to you is...how did you create your own custom webauth page? I'm trying to do that and can't seem to be able to download the webauth bundle FROM the WLC.

npritchett · ‎02-01-2007

The documentation doesn't provide very clear direction, does it?

To download the WLC's default webauth page, browse to the controller's Security > Web Login Page. Make sure the web authentication type is Internal (Default). Hit the Preview button. Then use your browser's File > Save As... menu item to save the HTML into a file. Edit this to your liking and bundle it and any graphics images up into a TAR archive, then upload via the controller's COMMAND page.

cuevas · ‎02-01-2007

no the documentation doesn't provide very clear directions. it just assumes you know.

I will try that. thanks alot!!

James Wilkinson · ‎03-13-2007

I too am having an issue here and would be content to either have the page redirect to http or successfully take the 3rd party certificate. When I did install the cert the client PC being redirected says it is being redirected to a trusted site and then doesn't go there when you select "yes". Anyone have any progress here?

mmatulevich · ‎03-15-2007

I am also interested in hearing any progress on this idea. Guests joining the network with a passthrough page with nothing more than an acceptable use policy should not have to deal with certs and security warnings. Any progress here please post!

npritchett · ‎03-27-2007

Cisco TAC informed me that getting it to display in plain HTTP was not possible, so I went ahead and purchased a trusted certificate.

Perhaps we need to submit a new feature request? I really fail to see why I need to spend a couple hundred dollars to allow my guests to see an AUP page. I could be spending the money on more Cisco access points instead.

Thomas Obbekaer Thomsen · ‎10-01-2012

Did you ever get this to work ?

I have just tried this with a custom page and it failed when I disabled https globally (and just enabled http) on the controller.

The funny thing is that the internal webauth with passthrough worked fine with only http ?

(Setup: WiSM - 7.0.230)

George Stefanick · ‎10-01-2012

7.2 supports the need to disable HTTP on the guest page while still keeping HTTPS on the WLC for access.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

George Stefanick · ‎10-01-2012

Sorry, I mean 7.3 .. not 7.2 ..

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Scott Fella · ‎10-01-2012

George... it's 7.2 that you can disable webauth https but still use https for management. I believe 7.2.110.0 had a bug, but it was fixed in 7.2.111.3. I don't know for sure though.

config network web-auth secureweb disable

Sent from Cisco Technical Support iPad App

-Scott
*** Please rate helpful posts ***

George Stefanick · ‎10-02-2012

Scott thats for keeping me on the narrow ..

Tom, if you only have a WISM 1 you wont be able to load 7.2 code on this platform.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

npritchett · ‎10-01-2012

I have not made the attempt since 2007. My understanding is that the situation is still the same if you are using a custom webauth page.

Thomas Obbekaer Thomsen · ‎10-01-2012

OK.

So just so I can get this into my brain.

http works with internal webauth, but not custom pages on pre. 7.2 ?

And the "whole" thing works on 7.2+ ?

Need my custom webauth page displayed with HTTP instead of HTTPS