12-21-2021 10:35 AM
Hello Community,
We are in the process of configuring and testing a Guest WiFi network utilising the Cisco 1852 access points and using an external guest wifi portal.
We've tested other manufacturers access points, including that of the Meraki, Unifi, Aruba ranges and can get them all working with the software perfectly but we seem to be having an issue whereby when a user logs into the Guest WiFi, their MAC address of the device is being captured as the SSID of the network, so it will display as, for example XY:ZH:OT:EL:WI:FI
If we then use another mobile phone that hasnt seen the network before and we go to login to the free WiFi by selecting the relevant SSID, the software then thinks the phone has been seen before and "welcomes back" a different person because the SSID is technically the MAC address so once person 1 logs into the guest Wifi, the next person and the next person and so on gets called another name....
We know its not a software issue but something that we have potentially missed. Not sure if anyone could guide us or point us in the direction that may help.
We do have numerous APs so there will be a base mac and then the other APS in terms of setup.
many thanks
12-22-2021 04:34 AM
Hi
If I understood correctly you have a service guest portal that is wellcoming clients that never connected to the network because it is using the BSSID instead the client Mac address. Is that correct?
"heir MAC address of the device is being captured as the SSID of the network, so it will display as, for example XY:ZH:OT:EL:WI:FI"
I think the guest portal is looking at the wrong place when getting information on the client session. Instead the physical client address they are getting the BSSID.
12-22-2021 05:15 AM
12-22-2021 05:57 AM
Alright but how this Third part portal works? Where does it get clients mac address? As per your description, it is getting the BSSID information, which is the same as a Mac address but actually represent the SSID.
Maybe it is a long shot but it seems to me that they are looking on the wong place when using cisco AP.
You may should access the Access point using CLI ou Web interface and check if the clients list there and the compare with client llist on the guest portal.
12-23-2021 06:07 AM - edited 12-23-2021 06:26 AM
You said you're using 1852 APs but did not mention what WLC you're using and what version of software it is running on?
How is your guest portal configured on the WLC?
If you're using radius there are a few parameters you can tweak for what is sent and what format is used but agree with @Flavio Miranda - this is definitely a problem with the portal. They're obviously expecting you to send specific parameters only and they're blindly parsing that without any checks. If they have a specific required config on the WLC then they should be able to tell you. Even if they get extra parameters if they were actually parsing it properly they'd still get the right data but they're obviously not checking the fields at all.
If web redirect then the parameters are as per the docs https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/wlan_security.html#ID563
These parameters are added to the URL when the user’s Internet browser is redirected to the customized login page:
ap_mac —The MAC address of the access point to which the wireless user is associated.
switch_url —The URL of the controller to which the user credentials should be posted.
redirect —The URL to which the user is redirected after authentication is successful.
statusCode —The status code returned from the controller’s web authentication server.
wlan —The WLAN SSID to which the wireless user is associated.
The portal just needs to parse those fields correctly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide