10-08-2024 07:31 AM
I have an existing 5520 with a guest SSID that uses web-auth. It works fine with the passthrough option. Clients are redirected to a web page hosted externally. they click a button and gain access.
I am trying to recreate this with a 9800 v17.9.4a, however the 'passthrough' option is not available.
In web-auth I have:
global:
I have also created a 'guest' parameter map using content type with the URL redirect detailed in the advanced tab. This parameter map is referenced in the WLAN.
The clients get redirected to the URL, however the button click does not allow them to get into the run state.
Any help is much appreciated!
10-08-2024 08:50 AM
10-08-2024 11:13 AM
Thanks @Flavio Miranda I have checked the config in that document and all looks good. I believe my issue is specific to a remote web auth passthrough page
10-08-2024 11:22 AM
Yes, if you check the config and it is fine from the WLC side, the portal can be the issue
10-08-2024 11:25 AM
Yeah, I think you are right. Just seen a client try and connect, they are at least getting an IP address. Unfortunately I a not on site so I don't know if the client just didn't click the button!
Time | Task | Translated |
---|---|---|
2024/10/08 17:59:20.134 | client-orch-sm | Client made a new Association to an AP/BSSID: BSSID a400.4e24.5a8b, WLAN Public Wifi, Slot 1 AP a400.4e24.5a80, Test_01 |
2024/10/08 17:59:20.135 | dot11 | Association success for client, assigned AID is: 1 |
2024/10/08 17:59:20.138 | client-orch-state | Starting Mobility Anchor discovery for client |
2024/10/08 17:59:23.141 | client-orch-state | Entering IP learn state |
2024/10/08 17:59:25.146 | client-iplearn | Client got IP: 10.10.100.248, discovered through: DHCP |
2024/10/08 17:59:25.147 | client-auth | Initiated layer 3 authentication with local web-auth |
2024/10/08 18:06:53.375 | client-orch-sm | Controller initiated client deletion with code: CO_CLIENT_DELETE_REASON_MN_IDLE_TIMEOUT. Explanation: Client deleted by AP, due to inactivity. Normal scenario. Actions: None required |
10-08-2024 11:36 AM
probably the client did not move forward with the authenticaiton due the log CO_CLIENT_DELETE_REASON_MN_IDLE_TIMEOUT
Or there the portal is not returning status (success/unsucess ) to the WLC
10-08-2024 02:15 PM
Has the virtual IP address changed? You also need the Virtual IP Hostname from memory for this to work to an external portal configured
10-09-2024 01:17 AM
That's a good point @Haydn Andrews . The portal currently talks to the 5520 on 1.1.1.1. The 9800 is using 192.0.2.1. Will I need to create a hostname separate to the management hostname? Then create a DNS record to point the virtual IP hostname to the virtual IP (192.0.2.1)?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide