cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17188
Views
15
Helpful
4
Replies
songwh911
Beginner

WLC 2504 Guest Wifi login Page

I'm using WLC 2504 8.3

 

So, I would like to implement something like guest wifi login page like starbucks, airport, or any other public wifi where it first displays terms and policies to connect to guest wifi and only allow guests to browse after accepting those terms.

 

Also, before users get that messages, I would like the guests to have to type wifi password for the SSID to get that page so only company approved guests can access our wifi, not random people on other floors. 

 

I'm trying to find a guide to do this, but not sure what exactly what I'm trying to do is called, (web auth? captive portal? guest wifi login? passthrough?)

 

my requirements are

- guest first needs to type guest wifi password to connect to guest wifi (already done with L2 WPA+WPA2)

- before user starts using internet, they should get redirected to web portal with my policy pages

 

If anyone can provide high level steps, or link me a correct guide, I would really appreciate it.

1 ACCEPTED SOLUTION

Accepted Solutions

Hi,

Correct, this is a Layer2 + Layer 3 authentication SSID.

Here's what you'll need to do (I am assuming that your 2504 is the host for the web portal):
1. Under WLAN settings, configure the following
Security -> Layer 2 -> {Security Type WPA+WPA2} {WPA+WPA2 Paramters: WPA enabled, WPA2 Enabled}{Authentication Key Management: PSK}{PSK: Your Password}
Security -> Layer 3 -> {Layer 3 Security: Web Policy}{Webauth type: Passthrough}
2. Upload your custom captive portal, Cisco provides many examples in a bundle, you can use these examples and make small modifications according to your needs:
WebAuth bundle: https://software.cisco.com/download/release.html?mdfid=283848165&flowid=24841&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
How to configure a custom Webauth portal-> https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Note: To summarize the steps, download the bundle, unzip it, open "wap" folder which contains and example for Terms and conditions only, modify the html, logo etc., compress the files to a new "login.tar", and upload it to your controller. Remember to compress "aup, login.html and yourlogo.jpg".

(WLC) >transfer download datatype webauthbundle
(WLC) >transfer download filename login.tar
(WLC) >transfer download mode tftp
(WLC) >transfer download path ./
(WLC) >transfer download serverip x.x.x.x
(WLC) >transfer download start

To choose your new bundle, simply go to Security -> Layer 3 ->Mark "Override Global Config" -> Webauth type "Customized" -> Choose your new login page.

View solution in original post

4 REPLIES 4
Sandeep Choudhary
VIP Mentor

Thanks for the reply. I was doing some extra research after reading your reply, and I think what I'm looking for is L2 WPA+WPA2 and L3 passthrough options.

 

Now all I need is to figure out putting on a custom page

Thanks!

Hi,

Correct, this is a Layer2 + Layer 3 authentication SSID.

Here's what you'll need to do (I am assuming that your 2504 is the host for the web portal):
1. Under WLAN settings, configure the following
Security -> Layer 2 -> {Security Type WPA+WPA2} {WPA+WPA2 Paramters: WPA enabled, WPA2 Enabled}{Authentication Key Management: PSK}{PSK: Your Password}
Security -> Layer 3 -> {Layer 3 Security: Web Policy}{Webauth type: Passthrough}
2. Upload your custom captive portal, Cisco provides many examples in a bundle, you can use these examples and make small modifications according to your needs:
WebAuth bundle: https://software.cisco.com/download/release.html?mdfid=283848165&flowid=24841&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
How to configure a custom Webauth portal-> https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Note: To summarize the steps, download the bundle, unzip it, open "wap" folder which contains and example for Terms and conditions only, modify the html, logo etc., compress the files to a new "login.tar", and upload it to your controller. Remember to compress "aup, login.html and yourlogo.jpg".

(WLC) >transfer download datatype webauthbundle
(WLC) >transfer download filename login.tar
(WLC) >transfer download mode tftp
(WLC) >transfer download path ./
(WLC) >transfer download serverip x.x.x.x
(WLC) >transfer download start

To choose your new bundle, simply go to Security -> Layer 3 ->Mark "Override Global Config" -> Webauth type "Customized" -> Choose your new login page.

View solution in original post

This was exactly what I was trying to do. Thank you so much

Create
Recognize Your Peers
Content for Community-Ad