02-28-2012 05:58 AM - edited 07-03-2021 09:40 PM
Is it possible to implement a web authentication in WLC and Nomadix as a gateway to internet for guest internet access?
Here are the network details.
No Layer 3 in the network
DHCP will be provided by NOMADIX (AG5500)
Guest Device(Laptop/Smartphones) --> CiscoAP (CAPWAP) --> CiscoL2Switch <--> CiscoWLC (5508 v7.0.116) ---> Nomadix (AG5500) ---> Internet
Testing done:
SSID is set to open (No L2/L3 Security set) - OK, web redirection to NOMADIX portal for AUP (Acceptable User Policy) is successful
SSID is set to L3 WebAuthentication (guest user is on WLC local database) - Not OK, NO web redirection, unable to reach WLC virtual IP.
02-28-2012 06:17 PM
Hi Justin,
Yes you are correct. Consider this is a Hotel floors and I want my guest to provide internet without using credentials (SSID2). Now, below the Hotel are nearby coffee shops and restaurants where people come and go. I dont want these people use my internet facility via SSID2. This is why I provide another SSID1 where WEBAUTH is required. If my legitimate guest wants to use internet facility at nearby coffee shops/restaurants. All they have to do is to get the credentials in the Hotel lobby. I hope you got my point here.
02-28-2012 05:41 PM
If the nomadix box is intercepting DNS queries to do it's AUP redirection it's going to break the WLC redirection. The WLC uses DNS to trigger the logon page redirection, the client has to fully perform a full DNS query resolution in order for the WLC to redirect. There could be issues due to the nomadix also doing the same thing.
Just a thought...
02-28-2012 05:59 PM
Hi Blake,
Maybe you are right. Since both box (WLC and NOMADIX) are doing DNS, redirection to the WLC Virtual IP may not work maybe because the NOMADIX DNS replies first before WLC?
Dave
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide