Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
822
Views
4
Helpful
6
Replies

Whitelist a single client to bypass local web authentication (9800)

nickydd9
Level 1
Level 1

‎10-29-2024 11:37 AM

I am running a Catalyst 9800 WLC on 17.12.3 and have an SSID currently setup and working for local web authentication. When users attempt to connect, they are presented with the web auth portal and must enter the username and password of the guest account we have created for them to connect. 

I have a potential requirement of adding a non-standard device to this SSID wirelessly which is a printer. The printer won't be able to access the web auth portal GUI to enter any credentials, so I was wondering if there is a method to whitelist one specific client to bypass the local web authentication and connect to the SSID. Perhaps a MAC address bypass? 

My other solution would be to have a separate SSID for this with MAC filtering enabled that maps to the same VLAN as the existing SSID, but I'd rather not broadcast a new SSID if I don't have to. 

6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎10-29-2024 11:40 AM

If you using ISE or Radius, you can use MAB for this kind of requirement, yes you can also consider other SSID if you like for the different IP address VLAN to segment the Printers.

example :

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213922-configure-mac-authentication-ssid-on-cis.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

nickydd9
Level 1
Level 1
In response to balaji.bandi

‎10-29-2024 11:45 AM

I am not using ISE, so is a second SSID with MAC filtering my only option?

0 Helpful

Flavio Miranda
VIP
VIP

‎10-29-2024 12:03 PM

@nickydd9 

For external guest portal you need Access List in order to redirect, This could be possible by adding one line on the ACL for the printer. This way the redirect wouldn´t happen.

Now, internal web portal, I dont believe is possible. I believe the second alternative is the one to follow.

 

0 Helpful

Haydn Andrews
VIP
VIP

‎10-29-2024 07:38 PM

Given Local WebAuth your best option would be seperate SSID for the printer

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

srimal99
Level 1
Level 1

‎10-30-2024 01:31 AM

As @Flavio Miranda  mention you can create a access-list and  separate SSID  with mac filtering for printer.

*** Please rate helpful posts ***

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card