Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2840
Views
0
Helpful
6
Replies

Web Authentication Redirection doesn't work

salilai01
Level 1
Level 1

‎07-08-2013 06:13 AM - edited ‎07-04-2021 12:22 AM

Hello,

I'm facing a weird issue, I've one SSID for which all authentications are 100% correct, but now I need to use a new vlan with the same configuration, I did it, but the web page doesn't be displayed but when I entred the virtual interface I have the cisco web authentiaction and no the customized web page !!

I saw the cisco document for "web authen troubleshooting" but no solution solves my problem, any suggestion?

Thanks

Labels:
0 Helpful
6 Replies 6

Scott Fella
Hall of Fame
Hall of Fame

‎07-08-2013 07:17 AM

Well there are many things here. First off, make sure you can preview the custom WebAuth from the WLC GUI. Then I would enable the default and hit apply then set it to custom and hit apply. In some code versions there was an issue and you had to perform this.

You also need to have DNS working, which is very important. I always tell people to connect a laptop to the same vlan as your WebAuth and make sure you get an IP address and connect fine to the Internet. If this fails then your WebAuth will never happen.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎07-08-2013 10:23 AM

So is the two SSID's in the same subnet?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎07-09-2013 04:20 AM

Well place the test SSID in a working vlan and see if it works. If it does, your issue is with the new vlan.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Abhishek Abhishek
Cisco Employee
Cisco Employee

‎07-08-2013 12:43 PM

Hello Sali,

As per your query i can suggest you the following solution-

After you configure web authentication, if the feature does not work as expected, complete these troubleshooting steps:

1.Check if the client gets an IP address. If not, users can uncheck DHCP Required on the WLAN and give the wireless client a static IP address. This assumes association with the access point. Refer to the IP addressing issues section of Troubleshooting Client Issues in the Cisco Unified Wireless Network for troubleshooting DHCP related issues.

2.On WLC versions earlier than 3.2.150.10, you must manually enter https://1.1.1.1/login.html in order to navigate to the web authentication window.

The next step in the process is DNS resolution of the URL in the web browser. When a WLAN client connects to a WLAN configured for web authentication, the client obtains an IP address from the DHCP server. The user opens a web browser and enters a website address. The client then performs the DNS resolution to obtain the IP address of the website. Now, when the client tries to reach the website, the WLC intercepts the HTTP Get session of the client and redirects the user to the web authentication login page.

3.Therefore, ensure that the client is able to perform DNS resolution for the redirection to work. On Windows, choose Start > Run, enter CMD in order to open a command window, and do a “nslookup www.cisco.com" and see if the IP address comes back.

On Macs/Linux: open a terminal window and do a “nslookup www.cisco.com" and see if the IP address comes back.

If you believe the client is not getting DNS resolution, you can either:

◦Enter either the IP address of the URL (for example, http://www.cisco.com is http://198.133.219.25)

◦Try to directly reach the controller's webauth page with https:///login.html. Typically this is http://1.1.1.1/login.html.

Does entering this URL bring up the web page? If yes, it is most likely a DNS problem. It might also be a certificate problem. The controller, by default, uses a self-signed certificate and most web browsers warn against using them.

For more information please refer to the link-

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080a38c11.shtml

Hope this will help you.

0 Helpful

salilai01
Level 1
Level 1
In response to Abhishek Abhishek

‎07-09-2013 05:28 AM

you said that the controller, by default, uses a self-signed certificate and most web browsers warn against using them.

how can I check this?

thanks

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to Abhishek Abhishek

‎07-09-2013 05:32 AM

So the issue then is DNS.  If you can't display the splash page when you go to http://5.5.5.5, the your DNS isn't working properly or your NAT isn't enabled for that new subnet.  Connect a laptop to that vlan on the switch and test... if that wired laptop can't browse the internet, then you have a network issue that you need to fix.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card