Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
3406
Views
10
Helpful
6
Replies

Users are unable to access internet when they are connected to Guest Wifi

sharath.babu9022@gmail.com
Level 1
Level 1

ā€Ž03-20-2019 08:34 AM - edited ā€Ž07-05-2021 10:05 AM

Users are unable to access internet when they are connected to Guest Wifi. We are using 2504 model WLC and it is running on 7.6.130.0 version. We are using web authentication (Layer 3) for Guest Wifi, when user is connected to the Guest wifi they are getting an IP address through DHCP, while they are redirected to the virtual IP address of the WLC, they are getting request timed out.

 

Users are not prompted to enter username and password. We manually entered http://1.1.1.1/login.html in the browser but no luck. Any help is appreciated. I have attached the debug logs from the WLC and 10.237.4.0/24 is the guest wifi subnet.

Preview file
19 KB
0 Helpful
6 Replies 6

Sathiyanarayanan Ravindran
Spotlight
Spotlight

ā€Ž03-20-2019 09:50 AM

Hi Sharath,

 

Try to create a ACL on the WLC with any any allowed and map it to the WLAN Pre-authentication ACL and see whether it gets redirect to the internal portal page.

 

On Security-->Access Control List-->Access Control List

 

PreAuthACL.JPGACL.JPG

 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)

sharath.babu9022@gmail.com
Level 1
Level 1

ā€Ž03-21-2019 05:42 AM

Hi Sathyanarayanan,

 

Thanks a lot for your response!

 

I did add an access list on the WLC but instead of any any I added an access list allowing traffic from any to 1.1.1.1 and reverse access from 1.1.1.1 to any and the issue got resolved. As expected, user got redirected to the web page and prompted for the username and password. After Authentication, users were able to browse internet. 

 

Thanks again for your guidance!Guest Wifi.PNG

sharath.babu9022@gmail.com
Level 1
Level 1

ā€Ž03-21-2019 05:49 AM

Hi Sathiyanarayanan,

We added an access list to permit traffic between 1.1.1.1 and any host. After that, Guest users were redirected to https://1.1.1.1/login.html web page for authentication as expected. 

 

The issue is resolved. 

 

Thanks for your help!Guest Wifi.PNG

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight

ā€Ž03-21-2019 06:02 AM - edited ā€Ž03-21-2019 06:03 AM

Great :)

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

AllanGrah
Level 1
Level 1

ā€Ž03-21-2019 07:27 AM

I'm late to the party but was going to suggest the ACL as well as that issue hit us during some testing.

On a side note, that 7.6 code.   Eek.    I thought that 7.6 train was deprecated for all its' issues?    (it gave us numerous issues)

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight

ā€Ž03-21-2019 08:01 AM

Hi Allan,

 

Yes, Its no more recommended by Cisco. If you're running in 7.6 code, Upgrade the WLC to Cisco recommended one.

 

Below link is for your reference to choose the Image based on controller model.

 

Cisco WLC OS Suggestion 

 

Also one more point I want to add here, Using 1.1.1.1 as Virtual IP is also not recommended by Cisco. refer this tech-notes WLC Virtual IP address 1.1.1.1

 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card