Web Portal On WLC Question - Page 2

Steven Williams · ‎06-17-2013

I want to create a basic page that has some legal verbiage on it and requires the user to accept the terms.

I dont want a whole authentication process. How can I do this with the WLC? I also want any request to any site after they connect to a wireless ssid to redirect them to this page so they cant surf till they accept.

thoughts?

Scott Fella · ‎06-18-2013

The main html file should be named login.html, other than that, the bundled files can be named anything. I typically name mine login .tar.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Trent Hurt · ‎06-18-2013

With 7.2 or later code you can disable https of the internal webauth page...

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080bf7d89.shtml

Web Authentication on HTTP Instead of HTTPS

You can login on web authentication on HTTP instead of HTTPS. If you login on HTTP, you do not receive certificate alerts.

For earlier than WLC Release 7.2 code, you must disable HTTPS management of the WLC and leave HTTP management. However, this only allows the web management of the WLC over HTTP.

For WLC Release 7.2 code, use the config network web-auth secureweb disable command to disable. This only disables HTTPS for the web authentication and not the management.

On WLC Release 7.3 and later code, you can enable/disable HTTPS for WebAuth only via GUI and CLI.
Sent from Cisco Technical Support iPhone App

Steven Williams · ‎06-18-2013

Ok I have created the page, I have uploaded to the WLC, I choose the customize option, go to the WLAN > Security > Layer3, I select to override the global config, choose customized, then for login page select my login.html.

The client gets the page, the decline button in the HTML page prompts with a access denied, but the accept button doesnt do anything....Can anyone help me out with this? Is anyone using just an accept and decline button with passthrough authentication? Am I missing something within this code the webauth bundle supplied?

   function reject()
   {
    alert("This option prohibits access to the Guest Network services.");
   }
   function loadAction()
    {
      var url = window.location.href;
      var args = new Object();
      var query = location.search.substring(1);
      var pairs = query.split("&");
      for(var i=0;i     {
        var pos = pairs[i].indexOf('=');
        if(pos == -1) continue;
        var argname = pairs[i].substring(0,pos);
        var value = pairs[i].substring(pos+1);
        args[argname] = unescape(value);
     }
      document.forms[0].action = args.switch_url;

}

Scott Fella · ‎06-18-2013

Well part of this script is tied to the accept button along with the decline button. So are you calling this in the HTML code for the accept button?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Steven Williams · ‎06-18-2013

The script code was pulled from one of the samples in the webauth bundle. The attached .html was literally one of the examples that I modified the look and feel of.

Scott Fella · ‎06-18-2013

That is a bad page! I will try to see if I can fix it.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Steven Williams · ‎07-15-2013

What kind of third-party cert do I need to stop the secure web page prompt for users? Just a standard SSL cert that is tied to a domain name? Since this is internal what domain do you use? Its not like they are going outside the internal network to the internet?

Scott Fella · ‎07-15-2013

You need a simple web ssl certificate. Here is a link that will explain what needs to be done.

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a77592.shtml

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Steven Williams · ‎07-15-2013

I am more interested in what the DNS name on the controller should be? I public defined internet name? Our company is a child of a main domain name so it becomes difficult to get things like this approved. Do I have to have an external record created for this to work on external DNS servers that I do not control?