Background:
A WLC 4400 series with software release 3.2.78, and is configured to provide Web authentication to the wireless clientes. There are 2 WLANs defined, one for "guests" users and one for internal users. No local users defined on the WLC. The AAA process is done by a Radius by a Cisco Secure ACS release 3.3. There are configured 2 users groups in the ACS, "guests" and "users".
For the "guest" group WLAN was defined one collective account, lets name it "saga" with its correspondent password. And also are several individual user accounts defined for both users groups.
The Web authentication problem is with the collective guests account "saga", and is a problem that show up in a random fashion.
Problem description:
A guest wireless client is associated to the guest WLAN. In the screen appear the Web login page. The user has been assigned the collective guest account, so he/her type in the username "saga" and the correspondent password. Click on the submit button, and there's no access to the network. The screen shows again the Web login page. This happen every time that the username and password is typed in.
And the same occurrs simultaneously also for any other client trying to authenticate using the same collective account.
Some time this behavior is broke changing something in the username, lets say "SAGA" or "Saga" instead of "saga".
While this problem was going, a debug aaa details enable command was performed on the WLC.
When the collective "saga" user account and password was entered and submited, nothing appears in the debug output on the WLC!!!!
Using the same web login page and using any other user account, the access to the network is achieved without any problem and also a normal debug output on the WLC
Some things, as delete and redefine the "saga" account has been tried, but that strange behavior still show up time to time
Any idea or suggestion is quite welcome!
Thanks in advance
Roger.
