Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1820
Views
8
Helpful
11
Replies

WLC 2504 SSID Web Auth not working on Win11

llima
Level 1
Level 1

‎09-19-2024 12:25 PM

Hello everyone

We have a Cisco Wireless Controller 2504, and we are having issues when trying to connect to a SSID with Web Authentication (or Web-Passthrough) configuration on Windows 11 computers.

On Windows 10, iOS and Android works fine with no issues so I'd assume it's not a configuration issue.

When connecting the computer (W11) is able to connect to the SSID and assign an IP from the dhcp, however on browser the web auth page does not appear/redirect (even if we type IP manually).

We tried enabling TLS 1.0 on browser but with no success.

WLC 2504 version is 8.2.170.0

0 Helpful
11 Replies 11

Simon Blomqvist
Level 1
Level 1

‎09-19-2024 12:34 PM

Have you tested this on only one win11 or several?

I would definitively start with upgrading the WLC to 8.5.182.0, could potentially solve any issues.

Simon Blomqvist
Level 1
Level 1

‎09-19-2024 12:36 PM

Unless of course if you have too old AP models that aren't supported in 8.5, then you can go to 8.3.150.0.

0 Helpful

Haydn Andrews
VIP
VIP

‎09-19-2024 03:35 PM

Do you get the redirect page when you go to a site like http://neverssl.com or just an IP like 1.1.1.1?

Are you having issues recieving it from iPhones running IOS 18 as well?

Are you using a publically signed certificate for the portal?

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

marce1000
Hall of Fame
Hall of Fame

‎09-19-2024 10:46 PM

 

  - As per  https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html ; go for 8.5.182.12 (8.5.182.13 for 3504s)
                    on the 2504

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

llima
Level 1
Level 1

‎09-23-2024 01:50 PM

Thanks for everyone's comments

Awnsering your questions:

@Simon Blomqvist 

  • Have you tested this on only one win11 or several?

Yes, this SSID is a guest network, so we tested on several different computers.

  • Unless of course if you have too old AP models that aren't supported in 8.5, then you can go to 8.3.150.0.

We have AIR-CAP2702E-Z-K9, AIR-AP2802E-Z-K9 and AIR-CAP1602I-T-K9 on this WLC.

 

@Haydn Andrews 

  • Do you get the redirect page when you go to a site like http://neverssl.com or just an IP like 1.1.1.1?

Yes, we get the following redirect page on devices without this issue:

llima_0-1727124037996.png

But on Windows 11 we get nothing, and if we put address 192.0.2.1.... it keeps loading until it gets browser error page.

  • Are you having issues recieving it from iPhones running IOS 18 as well?

I'm not sure I'll have to check that, but we didn't have iOS complains so far..

  • Are you using a publically signed certificate for the portal?

No, it's a local generated certificate:

llima_1-1727124458956.png

 

@marce1000 

Thanks for your information, I took a look and will probably end up going this route of doing the firmware upgrade.

 

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to llima

‎09-23-2024 02:21 PM

I see one note about you need to enable scripting in win11 to make webauth work since web in wlc use html

MHM

llima
Level 1
Level 1
In response to MHM Cisco World

‎09-24-2024 06:22 AM - edited ‎09-24-2024 06:25 AM

Thank you, I'll take a look at that

However this WLAN is a Guest Network, so only people outside of the company uses. So this solution is not viable since it would require IT team do deal with devices of guest users.

MHM Cisco World
VIP
VIP
In response to llima

‎09-24-2024 06:30 AM

try with one device if success then we know what issue is and maybe we use other L3 security than webauth 

but let check first 

MHM

llima
Level 1
Level 1
In response to MHM Cisco World

‎09-24-2024 06:32 AM - edited ‎09-24-2024 06:35 AM

Thanks

I just tested this configuration, and it worked.

It took a few minutes for it to take effect and the WLC redirection page to appear, but it worked!

So, with this result what would you recommend doing now?

MHM Cisco World
VIP
VIP
In response to llima

‎09-24-2024 06:41 AM

I canot  say I am happy or sad for this news 
this Win11 issue and as you mention it guest so it will be nightmare for Admin to deal with this issue, 
so let me check other solution but let give you brief about one idea is using external web server, are it OK for you ?

MHM

llima
Level 1
Level 1
In response to MHM Cisco World

‎09-24-2024 07:11 AM - edited ‎09-24-2024 07:12 AM

Thank you very much.

Just updating you about what was done for more information:

On Internet Options scripting was already enabled, so we added web page htts://192.0.2.1 to Trusted Sites.

After that we opened Chrome, but no sucess, then Edge no success also.

It worked only after enabling on Edge Internet Explorer mode (we did that before, but without adding to Trusted sites).

@MHM Cisco World wrote:

so let me check other solution but let give you brief about one idea is using external web server, are it OK for you ?

MHM

Yes sure, no problem, thanks in advance.

As for the external web server, we would have to check that carefully, since this WLC is not ours, its from a costumer we give tec support.

Now is clear that it is a W11 issue.. so updating the WLC firmware as other colleagues have recommended may not solve the problem, right?

0 Helpful
Review Cisco Networking for a $25 gift card
Top