Solved: Unable to connect to Wifi

mahesh18 · ‎08-15-2015

Hi everyone,

I am trying to setup wifi with AP and WAP in lightweight mode.

Under layer 2 security for WLANs what options i should choose?

Basically i want that users can see the SSID and then they should be able to connect to it.

But currently user can see the SSID but when they try to connect it fails PC shows unable to connect.

My plan is once user is able to connect then he should browse to internet then wirleless login page should come and it should ask user for username

and password.Username and password should be defined locally in WLC

Regards

Mahesh

Prakash Parvathala · ‎08-17-2015

HI Mahesh,

Here are some good guides for layer2 security options you must know.

Please read the below two links for better understanding on the authentications of WLAN

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106082-wlc-compatibility-matrix.html

Authentication on Wireless LAN Controllers Configuration Examples:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/82135-wlc-authenticate.html

View solution in original post

Ric Beeching · ‎08-17-2015

Hi Mahesh,

Prakash has provided some good links. My instructions would only give you the very basic security of a pre-shared password which I thought was what you were asking for. If you'd like to look at username / password options then you'll need to decide where those usernames will reside - on a server or on your WLAN Controller and how are you going to manage each one etc... it gets more complicated basically! I recommend reading Prakash security link as they have good suggestions for types of auth and you can decide how you want to manage the username/passwords.

Ric

-----------------------------
Please rate helpful / correct posts

View solution in original post

Ric Beeching · ‎08-16-2015

Hi Mahesh,

It depends what kind of security you want! If you'd like the basic one password for everyone to use then select WPA-WPA2 then tick WPA2 Policy-AES and tick PSK (write in your desired pre-shared password) and select Apply. See screenshots attached.

This is the most secure way of implementing a pre-shared key solution but isn't recommended from a security point of view as someone could get hold of your pre-shared key through various methods and then gain access to your network which may give them access to internal resources if you have them available on that network.

Cheers,

Ric

-----------------------------
Please rate helpful / correct posts

mahesh18 · ‎08-17-2015

Hi Ric,

IS there any way i can prompt user to use username ?

Does layer 2 security prompy for username also?

If i use this then under layer 3 security do i need to check something there also?

Regards

Mahesh

Ric Beeching · ‎08-17-2015

Hi Mahesh,

Prakash has provided some good links. My instructions would only give you the very basic security of a pre-shared password which I thought was what you were asking for. If you'd like to look at username / password options then you'll need to decide where those usernames will reside - on a server or on your WLAN Controller and how are you going to manage each one etc... it gets more complicated basically! I recommend reading Prakash security link as they have good suggestions for types of auth and you can decide how you want to manage the username/passwords.

Ric

-----------------------------
Please rate helpful / correct posts

mahesh18 · ‎08-17-2015

Many thanks Ric

Prakash Parvathala · ‎08-17-2015

HI Mahesh,

Here are some good guides for layer2 security options you must know.

Please read the below two links for better understanding on the authentications of WLAN

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106082-wlc-compatibility-matrix.html

Authentication on Wireless LAN Controllers Configuration Examples:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/82135-wlc-authenticate.html