Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
21599
Views
15
Helpful
4
Replies

WLC 2504 Guest Wifi login Page

Go to solution
songwh911
Level 1
Level 1

‎08-23-2017 09:48 AM - edited ‎07-05-2021 07:35 AM

I'm using WLC 2504 8.3

 

So, I would like to implement something like guest wifi login page like starbucks, airport, or any other public wifi where it first displays terms and policies to connect to guest wifi and only allow guests to browse after accepting those terms.

 

Also, before users get that messages, I would like the guests to have to type wifi password for the SSID to get that page so only company approved guests can access our wifi, not random people on other floors. 

 

I'm trying to find a guide to do this, but not sure what exactly what I'm trying to do is called, (web auth? captive portal? guest wifi login? passthrough?)

 

my requirements are

- guest first needs to type guest wifi password to connect to guest wifi (already done with L2 WPA+WPA2)

- before user starts using internet, they should get redirected to web portal with my policy pages

 

If anyone can provide high level steps, or link me a correct guide, I would really appreciate it.

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
biaacer2
Cisco Employee
Cisco Employee
In response to songwh911

‎08-26-2017 01:28 PM

Hi,

Correct, this is a Layer2 + Layer 3 authentication SSID.

Here's what you'll need to do (I am assuming that your 2504 is the host for the web portal):
1. Under WLAN settings, configure the following
Security -> Layer 2 -> {Security Type WPA+WPA2} {WPA+WPA2 Paramters: WPA enabled, WPA2 Enabled}{Authentication Key Management: PSK}{PSK: Your Password}
Security -> Layer 3 -> {Layer 3 Security: Web Policy}{Webauth type: Passthrough}
2. Upload your custom captive portal, Cisco provides many examples in a bundle, you can use these examples and make small modifications according to your needs:
WebAuth bundle: https://software.cisco.com/download/release.html?mdfid=283848165&flowid=24841&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
How to configure a custom Webauth portal-> https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Note: To summarize the steps, download the bundle, unzip it, open "wap" folder which contains and example for Terms and conditions only, modify the html, logo etc., compress the files to a new "login.tar", and upload it to your controller. Remember to compress "aup, login.html and yourlogo.jpg".

(WLC) >transfer download datatype webauthbundle
(WLC) >transfer download filename login.tar
(WLC) >transfer download mode tftp
(WLC) >transfer download path ./
(WLC) >transfer download serverip x.x.x.x
(WLC) >transfer download start

To choose your new bundle, simply go to Security -> Layer 3 ->Mark "Override Global Config" -> Webauth type "Customized" -> Choose your new login page.

View solution in original post

4 Replies 4

Go to solution
songwh911
Level 1
Level 1
In response to Sandeep Choudhary

‎08-25-2017 08:55 AM

Thanks for the reply. I was doing some extra research after reading your reply, and I think what I'm looking for is L2 WPA+WPA2 and L3 passthrough options.

 

Now all I need is to figure out putting on a custom page

Thanks!

0 Helpful

Go to solution
biaacer2
Cisco Employee
Cisco Employee
In response to songwh911

‎08-26-2017 01:28 PM

Hi,

Correct, this is a Layer2 + Layer 3 authentication SSID.

Here's what you'll need to do (I am assuming that your 2504 is the host for the web portal):
1. Under WLAN settings, configure the following
Security -> Layer 2 -> {Security Type WPA+WPA2} {WPA+WPA2 Paramters: WPA enabled, WPA2 Enabled}{Authentication Key Management: PSK}{PSK: Your Password}
Security -> Layer 3 -> {Layer 3 Security: Web Policy}{Webauth type: Passthrough}
2. Upload your custom captive portal, Cisco provides many examples in a bundle, you can use these examples and make small modifications according to your needs:
WebAuth bundle: https://software.cisco.com/download/release.html?mdfid=283848165&flowid=24841&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
How to configure a custom Webauth portal-> https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Note: To summarize the steps, download the bundle, unzip it, open "wap" folder which contains and example for Terms and conditions only, modify the html, logo etc., compress the files to a new "login.tar", and upload it to your controller. Remember to compress "aup, login.html and yourlogo.jpg".

(WLC) >transfer download datatype webauthbundle
(WLC) >transfer download filename login.tar
(WLC) >transfer download mode tftp
(WLC) >transfer download path ./
(WLC) >transfer download serverip x.x.x.x
(WLC) >transfer download start

To choose your new bundle, simply go to Security -> Layer 3 ->Mark "Override Global Config" -> Webauth type "Customized" -> Choose your new login page.

Go to solution
songwh911
Level 1
Level 1
In response to biaacer2

‎08-28-2017 08:57 AM

This was exactly what I was trying to do. Thank you so much

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card