WLC Custom Web Auth Bundle sample .tar file is not on WCS

Similar Messages

• WLC 4404 5.1.151.0 - custom web-auth bundle

  Ultimately the user needs to see a custom "splash page" without having to authenticate. I have successfully installed a custom web-auth bundle that appears when the WLAN Web Policy is enabled, but without any authentication, there is no access to the outside.
  Is what I'm trying to accomplish possible in some other way?

  You will not be able to do this unless you use some 3rd party hotspot utility. The main reason you should have an accept button is to be able to display a terms and conditions for users to read if they wish. This will protect you from an legal troubles. You can try to write a script on the html page (you can keep the page blank and hide everything) that will activate the accept button, that way you can redirect them to your web page.
  Try to add this to your html page:
  setTimeout("submitAction()",20);
  Hope this helps... just make sure you keep you html page blank.... by setting the background and text to white or any color of your choice.

• Customized Web-Auth Bundle

  Hi
  I am trying to upload a customized web-auth bundle to a WLC 5508 and having some issues.
  I have downloaded the web-auth bundle from Cisco and used this as a template to create the web pages.
  I seem to recall that there is only a couple of Windows tools that you can use to TAR the file such as TUGZIP and IZARC. Anyway I have tried both and I still cannot get the file to extract. I have tried to strip the file out so that I only send up the login.html page and even this does not work.
  I am using a software release 7.0.220.0
  The error message I receive when I do a TFTP is
  Error extracting webauth files.
  Any help would be appreciated
  Thanks
  Greg

  Hi Greg:
  I hope you find the answer here:
  You can compress the page and image files used for displaying a web authentication login page into a.tar file for download to a controller. These files are known as the webauth bundle. The maximum allowed size of the files in their uncompressed state is 1 MB. When the .tar file is downloaded from a local TFTP server, it enters the controller's file system as an untarred file.
  Note If you load a webauth bundle with a .tar compression application that is not GNU compliant, the controller cannot extract the files in the bundle and the following error messages appear: "Extracting error" and "TFTP transfer failed." Therefore, we recommend that you use an application that complies with GNU standards, such as PicoZip, to compress the .tar file for the webauth bundle.
  Reference: http://tiny.cc/rbqbfw
  So double check the size and tarring utility.
  Try to use WinRar or 7Zip if the tarring format is the issue.
  HTH
  Amjad

• WLC Customized Web Auth

  can i have a customized web auth portal loaded into the WLC? or i need to have an external server and load the customized web auth.                  

  Here is a link
  http://www.cisco.com/cisco/software/release.html?mdfid=282600534&flowid=7012&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest

• Having trouble with custom web auth page on 4404

  Hi all
  I am having trouble with a custom web auth page on my controller, we have edited the original file, but when we click login it goes to page cannot be displayed and it doesnt redirect to the page I want, however when I close the window and reopen it has already authenticated me.
  Has anyone got a copy of some working html code I can use ?
  cheers

  There is sample Web Authentication bundle avaiable for download from cisco.com. if you go to the software download page and go to Wireless->Standalone Controllers->4404 you should see a link for Wireless Lan Web Authentication Bundle.
  Its the same bundle whether you have a WiSM, 4404 or 2100

• WLC 5508 Web Auth Splash Page: Is it possible to place a download?

  Hi,
  I know it is possible to create custom web auth splash pages on the WLC 5508. Is it also possible to embedd a small document (less than 1MB) that users can download directly from the controller? I need this for providing the terms of use for the Guest WLAN.
  Thanks
  Michael

  It could be done, but you will want to stay within the limits of the WebAuth bundle size (~ <10MB I believe).  This shouldn't be a problem considering a .doc size, but I have to ask the same question.   Why would you want to do this as opposed to just putting your terms of use inline to the page as just text/html?  Maybe there is a good reason, but I can't really think of any scenario.  Feel free to elaborate.

• Custom Web Auth Splash Pages

  I've seen it menitoned in a few places that there are sample web auth splash pages located on the WLC that can be uploaded and modified. I've also hear that there are some sample pages on Cisco's website, but I am unable to find them in either location. How do I access these sample pages? 

  Jason,
       The sample web-auth bundle is located in the same location as the download for the controller code.
  http://www.cisco.com/cisco/software/type.html?mdfid=282600534&flowid=7012
  there is a link there for the Webauth bundle
  HTH,
  Steve
  Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

• WLC 4402 web auth Internal login page

  Hi,
  We recently upgraded our code on our wlc and now our internal web auth page has a nice teal colored L shaped bar in the right upper part of the screen.
  Is there a way to edit the internal web auth page other than just uploaded a new bundle to the box?
  When I view the source of the preview page I can see the exact coding that is causing the issue.
  Thanks for any ideas.
  Code 4.1.185.0
  Craig

  The only way is to customized the code and then upload it to the wlc as a tar file. Of course, you will have to set the wlc to custom webauth and not internal webauth.

• Loading web auth bundle for pass through

  I have created a web page using the web auth template that I downloaded from Cisco.  Am I just supposed to upload the TAR file that I created from the wap folder or do I have to upload the entire bundle that I downloaded from Cisco created as a TAR file?
  Thank you.
  I have attached the files I am using and cannot get them to load on the web browser when I click on preview.  The login.tar file loads onto the controller with no problem and reports succesful installation.
  Seth

  You need to use a Linux/unix box or else on windows you can use 7-zip, pico zip or power archiver.
  Per this doc
  http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_user_accts.html#wp1183650
  Note
  If you load a webauth bundle with a .tar compression application that is not GNU compliant, the controller cannot extract the files in the bundle and the following error messages appear: "Extracting error" and "TFTP transfer failed." Therefore, we recommend that you use an application that complies with GNU standards, such as PicoZip, to compress the .tar file for the webauth bundle.
  Sent from Cisco Technical Support iPhone App

• WLC 5508 Web Auth and EAP / PEAP

     Morning all, I'm looking for some clarification.
  Current setup:
  I work in a school, a few years age I installed a 4400 WLC and several APs as a proof of concept exercise to see whether wireless technology would be of benefit to teaching and learning. It was deemed to be so.
  This summer I installed 2 x 5508 WLCs and increased AP coverage to 50 - copied over the configs from the old controller - all works fine.
  Currently only the staff can access the WLANs with the exception of a public WLAN in the canteen area.
  Because there are a limited number of devices, WPA2 in conjunction with MAC filtering was used. However the school wants to open the wireless network to all of the students - potentially this means up to 1000 devices that will no doubt change on a regular basis so MAC filtering is out.
  In line with child protection policies I need an 'auditable' trail when students access wireless resources.
  Planned setup:
  I have setup a test WLAN that uses Web Auth - the WLC is configured to pass authentication requests  ( through an ASA ) onto a RADIUS server which is tied into AD. I have a CA setup as well as a NAP server.
  There is no layer 2 security set on the test WLAN and layer 3 is just web authentication. From any mobile device I can authenticate against AD and gain access to the Internet.
  Clarification:
  With no layer 2 security the WLAN is exposed so I need to introduce some form of end to end encryption - so I am looking at deploying EAP / PEAP.
  Would the introduction of EAP / PEAP keep the network as secure as if I was using WPA2 ?
  Many thanks.

  If you are web authentication you cannot use dot1x as L2 security , so EAP is not an option.
  But you can use preshared security , like WPA2 AES with web auth to insure that the traffic is encrypted.
  or you can define a wlan profile with dot1x security on l2 and nothing on l3 , by doing so you would definetely hit the utmost security poossible.
  Check the following link which contain couple of EAP config examples:
  http://www.cisco.com/en/US/partner/tech/tk722/tk809/tech_configuration_examples_list.html
  Please make sure to rate correct answers

• Custom Web Auth - Missing "Submit" Button

  I have scoured every topic I can get my hands on here at NetPro regarding custom web authentication. I am currently supporting a customer that MUST use a custom web page for two reasons:
  1. Cosmetically, and rightfully so, they would like to use their own logo. Well, why not just upload the custom image, you say? See point 2...
  2. Their custom AUP is beyond the allowed 2047 characters in the default template.
  So I used the default internal template for a test login, and viewed the source to grab the HTML code. I know how to read HTML, so I began commenting out the sidebar, text, and headers that I didn't want. I then inserted the custom logo and AUP text. Visually, the page is fine. However, when I preview the page, the "Submit" button is completely missing. This is true both locally, as well as when it is uploaded to the controller. I also uploaded from the controller the 'loginscript.js' file by selecting file type 'configuration' and inputting the name 'loginscript.js'. I am including that information as well because I know other people have posted asking how to get that, and I haven't seen anyone respond with such instructions. I figured it out on my own after trial and error. If it can be obtained via WCS, it would be nice if someone would post that (other than the same method I used, simply using WCS as the management tool instead of direct controller access). My controller is running code 4.1.185.0, same as my customer's controller. I modified the reference for the javascript source from src="./loginscript.js" to simply src="loginscript.js" because I am putting the script and the login.html file in the same directory. If there is a different directory structure required, I haven't found any documentation saying so other than another NetPro post indicating "Web Authentication_files" folder (whatever that means)? I also noticed that some folks are saying that such a page would have to be run on an External server. If so, why?
  Regards,
  Scott

  Web authentication files are stored in Web Authentication_files directory which controllers can recognize. . If you want to use a different directory it is used on External Web server so that there is no conflct in the storage location.

• RH 7 WEB Help: Hyperlink to external file will not activate file

  I have added an external file (Excel spreadsheet document) to my RH 7 WEB Help.
  * The Excel file is located in the Project Manager
  * The hyperlink contains the correct file name
  * The generated WEB Help folder contains the Excel file
  However, when I test the external file link, the external (Excel) file does not open.
  Suggestions?
  Thanks,
  Jerry Christensen
  St. Paul, Minnesota

  Hi there
  LIkely Mark Of The Web (MOTW) is nailing you. When you test locally and have MOTW enabled, links to things like Excel, Word and PDF don't work.
  The first step is to turn off MOTW. You do that by right-clicking the WebHelp layout and choosing Properties. The option for MOTW is in the first dialog.
  Once that is done things should be mostly good. I say "mostly", as you will now probably see the yellow information bar in IE when you test. To prevent seeing that, you need to change the settings in IE.
  To change the settings in IE:
  Click Start > Run type inetcpl.cpl and press Enter
  Click the Advanced tab
  Scroll to the Security section
  Place a check mark in the option "Allow active content to run in files on My Computer"
  Cheers... Rick
  Begin learning RoboHelp HTML 7 within the day - $24.95!
  Click here for Adobe Authorized Captivate and RoboHelp HTML Training
  Click here for the SorcerStone Blog
  Click here for RoboHelp and Captivate eBooks

• PALM with WLC 4400 (Web Auth Portal)

  We cannot get the Web Portal splash page to display on wireless Palm units....the site simply hangs. Is there any fixes out there for this problem. Thanks for all replies!!

  Has anyone else seen this Palm/WebAuth issue or found a fix? I am seeing this on our Palm devices too. Running 4.x code with internal guest auth, laptops work just fine with the https://1.1.1.1 redirect, but the Palm just hangs. Could it be the certificate is not valid and the Palm has no way to prompt for that message like a laptop. Any ideas?

• Client Excluded ReasonCode on WLC for Web Auth

  Hi.
  I wonder if you can point me at a table that defines the Reason Code(s) for Client Exclusion Failure? See the example event log entry below from a Guest Controller for Web Authentication failure (that was resolved - Internet router down) but I was wondering if the Reason Codes would be useful in troubleshooting. Many thanks in advance.
  Tue Aug 28 10:45:31 2007 Client Excluded: MACAddress:00:16:6f:b3:20:0a Base Radio MAC :00:00:00:00:00:00 Slot: 0 Reason:Web Authentication failed 3 times. ReasonCode: 4

  I haven't tried it recently. But I'm afraid of this one :
  CSCsy88149 Chained certificate can not have Wildcard * character in hostname
  Even if bought at verisign or any root CA, your cert has a good chance of being chained since they very often use an intermediate CA. I know wildcard certs are supported but this bug seems to say that it doesn't work for chained.
  again, I didn't verify it mysefl

• WLC 4400 web auth issues

  Hello,
  I am experiencing an issue with my model 4404 Wireless controllers that has plagued me for some time now. I have two controllers with 106 AP's split evenly between the two controllers. One of my SSID's is setup with web authentication.  I have one Radius server (Cisco ACS v 4.1). The problem only exists for the SSID that uses web authentication. Reports begin to come in that students cannot login to the wireless using the student SSID that uses web authentication. The student can get to the web authentication page, but when they put in their username and password both fields go blank. You can do this over and over with no errors, and the logs in the controller show nothing to indicate any issues (you don't even see the attempted login). I obtain one of the student logins for testing and here is what I have found. I attempt to login to the student wireless with this account and recieve the same results as the student. I have an AP in my office that I use for testing so I force it on to the other controller. At that point the account in question works. I can login without any issues. I force the AP back to the initial controller and experience the same issue, I cannot login. No error of bad username and password, just login fields that go blank. More reports come in that students cannot login and I find that all issues are related to this controller. The next morning I reboot the controller and everything works for a week or more and then it all starts over again. The next time it may be the other controller that is experienceing this issue. A reboot of the controller always fixes the issue for the short term. The issue appears to be controller related but I cannot pin it down.  I recently upgraded my controller code from 4.2.61.0 to 6.0.188.0 at Cisco's recommendation. Unfortunately the issue still exists. Scouring the forums produces a few other people encountering the same issue but none seem to have found a fix. Does anyone know if this is a known issue with this model controller?
  Thanks much for any help.

  Thank you for your response Dennis, it is greatly appreciated. I do not find any mount errors in the crash log. However I did finally find something in the message logs that I was unable to find before. I did not copy this message so it is not verbatim. The error message states that the user cannot be logged in possibly due to being logged in somewhere else. At that point I pour over every client on the controller even filtering by mac address. I see no evidence of the client being associated or authenticated. On a side note I can see the client as associated if the wireless card is enabled. Checking the ACS does not show a failed authentication. Again, rebooting the controller seems to clear some sort of radius accounting on the controller that I am unable to clear manually without a reboot. Thanks again for your response.