cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
349
Views
0
Helpful
3
Replies

Problem Webauth Cisco 5760

I have a question about webauthentication and redirect.

We use a cisco 5760 controller in our network. At the moment we are implementing a tool which cliënts can install and this tool makes it possible to connect to our wireless network. The cliënts can obtain this tool from an external website. I want to create an open ssid which only allows the clients to get redirected to this website. So when they open a browser they immediately get redirected to this website.

Is it possible to create this with the web policy enabled? Because i have done and tested this, but i doesn't seem to work. First of all i don't get any internet connection, because i am not authenticated. It also doesn't redirect to the website. So is it possible on the 5760 with web policy enabled to get redirected to this website and that i also can make a connection to this website without having to authenticate?

3 Replies 3

Yes, this should be possible.

Here is basic config I have used in  my setup (5760 MC an 3850 MA with guest anchor)

parameter-map type webauth global
 type webauth
 virtual-ip ipv4 192.0.2.1
!
parameter-map type webauth ABC_Web_Auth
 type webauth
 redirect for-login https://<redirect_URL>;
 redirect portal ipv4 x.x.x.x
!
wlan ABCGuest 15 ABCGuest
 aaa-override
 band-select
 client vlan X
 ip dhcp required
 mobility anchor
 no security wpa
 no security wpa akm dot1x
 no security wpa wpa2
 no security wpa wpa2 ciphers aes
 no security ft over-the-ds
 security web-auth
 security web-auth authentication-list ABC-GUEST
 security web-auth parameter-map ABC_Web_Auth
 session-timeout 14400
 no shutdown

This doc should also helps

http://www.cisco.com/c/en/us/support/docs/wireless/5700-series-wireless-lan-controllers/117728-configure-wlc-00.html

https://supportforums.cisco.com/document/147091/converged-access-%E2%80%93-local-webauth-local-authentication-and-radius-authentication

HTH

Rasika

*** Pls rate all useful responses ***

It is really hard to find a post/document on webauth on 5760 with an external webauth server. The configuration that you have mentioned above, can this be used to do webauth from an external server

redirect for-login https://<redirect_URL>

redirect portal ipv4 x.x.x.x ! - 

I want the users to see the Guest page from the ISE, can I use the above commands to achieve this 

 

Regards

Nikhil

Review Cisco Networking for a $25 gift card