Cisco 5760 WebAuth "Consent Success Page"

Similar Messages

• How do I remove the certificat error everytime I try to access the Cisco Unified CM Administration web-page?

  Hi,
  Every time I want to have access to the Cisco Unified CM Console (System version: 7.0.1.11000-2), I use the https://10.10.x.x/ccmadmin/showHome.do homepage on my client computer, but when I open the page, I get a SSL certificate error, stating no trust to this webpage security certificate and if I those "continue to this page (not recommended)", I get access to the Cisco Unified CM Console web page.
  I have tried to add the https://IP-adress to secure web pages in Internet Explorer 7, but this to no avail, it does not help.
  How do I add this certificate to a trusted something, so I do not get this warning every time I open the page?
  Kind regards,
  Carl-Marius

  Hi Michael,
  It worked when I change the IP-address to the name that was written in the certificate, and imported the certificate to Internet Explorer.
  Thank you for your fast and very precise help!
  Kind regards,
  Carl-Marius

• How do I create a reusable success page?

  I have an application containing a large number of "form on report" pages. I wish to provide a success page confirmation to the user when the "apply changes" (update) or "create" (insert) button on the form is activated.
  I wish to avoid having to have a dedicated success page for each Report/Form pair in the application and to make the redirect links dynamic so that the calling form page number is associated with the "Create Another Record" link and the associated report (search) page is linked via the "Return to Search Page"
  Current success page:*
  The success page displays two options:
  1. "*Create Another Record*" (returns to the calling form)
  2. "*Return to Search Page*" (returns to the report page associated with the calling form )
  In the example below the redirect page numbers (in bold) are hard coded for a specific report/form combination:
  "a href="f?p=&APP_ID.:22:&SESSION.:::22" class="instructiontext">
  img src="#IMAGE_PREFIX#menu/add_record_64.gif" border=0 width="64" height="64" alt="Insert Another" title="Insert Another" /><br
  Insert Another</a
  </td
  td align="center">
  a href="f?p=&APP_ID.:21:&SESSION.:::21" class="instructiontext">
  <img src="#IMAGE_PREFIX#menu/search_64.gif" border=0 width="64" height="64" alt="View Report" title="View Report" /><br
  View Report</a"
  Note: HTML tags above modified so that the code is read as text.
  Any help would be much appreciated.
  Meagain
  Edited by: user8878108 on 19/01/2010 16:01
  Edited by: user8878108 on 19/01/2010 16:02
  Edited by: user8878108 on 19/01/2010 16:04

  Varad,
  Apologies for making a labour of this.
  I was sure I carried out all steps you described, religiously. Following is a step-wise explanation of exactly what I did:
  *1.* Created 2 Application level items g_form and g_rpt. (Using Shared Components /Logic/Application Items)
  *2.* Created 2 Application level processes eg for Report and Form, (Using Shared Components /Logic/Application Processes) with the following source code:
  +:g_rpt := :app_page_id;+
  +:g_form := :app_page_id;+
  and a Process Point set to +"On Load: Before Header (page template header)"+
  *3.* Added a Condition Type
  +"Current Page is Contained Within Expression 1 (comma delimited list of pages)"+
  *4.* Added the list of report pages under Expression 1
  +21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53+
  I am making the following presumptions:
  *1.* I am presuming that the reports page list will cause the before header application level process to be invoked whenever the user navigates to any one of the report pages listed in "Expression 1". At which point the value of the g_rpt will be reset to that page number.
  *2.* There is no need to invoke the application process from the individual pages themselves as the g_rpt and g_form values are set automatically and remain in place until different form or report page is opened invoking the application level process.
  Are these presumptions correct, and if so, can you see any fault in the referencing on the successpage itself?
  "a href="f?p=&APP_ID.:g_form:&SESSION.:::g_form" class="instructiontext">
  img src="#IMAGE_PREFIX#menu/add_record_64.gif" border=0 width="64" height="64" alt="Create Another Record" title="Create Another Record" /><br Create Another Record</a
  </td
  td align="center">
  a href="f?p=&APP_ID.:g_rpt:&SESSION.:::g_rpt" class="instructiontext">
  <img src="#IMAGE_PREFIX#menu/search_64.gif" border=0 width="64" height="64" alt="Return to Search Page" title="Return to Search Page" /><brReturn to Search Page</a"
  Cheers,
  Meagain

• Add a hyperlink to SSPR success page

  Is it possible to add a hyperlink to the FIM 2010 R2 sspr success page after a password reset?
  I know you can customize text by modifying the strings.resource file, but I can't seem to add a hyperlink.
  If I type out the HTML tag it doesn't work.
  Cheers
  IT Support/Everything

  Hi, 
   Unfortunately that didn't work - the cdata tag is simply displayed in the browser, can you see anything wrong with the strings.resources below:
  <!-- Customizations begin here -->
    <data name="ResetUseNewPassword" xml:space="preserve">
      <value>You can now use your new password to log in - <![CDATA[a href="https://webapp.contoso.com">webapp.contoso.com</a>]]></value>
    </data>
   </root>
  thx
  IT Support/Everything

• Cisco 5760 WLC initial config

  Hi,
  I am configuring up a Cisco 5760 WLC and wondering if it is required to put in a default route? In this document it says to put one in but i dont see why it is needed as it is connected to a switch via a layer 2 Trunk.
  Reference:
  https://supportforums.cisco.com/docs/DOC-34430
  Another question, since there is no more Dynamic Interfaces and they are replaced with Layer 2 & 3 interfaces instead. Do all Layer 2 interfaces you create require a layer 3 interface IP address to be configured also? As shown below:
  Thanks

  So by default the 5760 has IP routing enabled so you will need to put in a default route. A default gateway won't work unless you disable IP routing first.
  Sent from Cisco Technical Support iPhone App

• Cisco 5760 controller in centralized mode supports 4404 controller as anchor controller?

  Hello All,
  I have a cisco 5760 controller running in centralized mode. I want to configure one 4404 controller as anchor controller to work with the 5760 controller. Is this supported?.
  Thanks in advance
  Shabeeb

  No, It is not supported.
  You cannot have a mobility peer with 5760 unless you enable "new mobility" on its peer . In CUWN products this is supported in 5508/WiSM2/8510 on specific codes. In current supported codes it has to be 7.6.x or 8.x.
  As you know 4400 only supported upto 7.0.x code. So new mobility is not supported, hence you cannot peer with CA products.
  In case if you have a "new mobility" supported WLC, here how you configure it
  http://mrncciew.com/2014/05/06/configuring-new-mobility/
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Continuing text on successive pages

  I am editing a catalog/book that was designed by someone else and need a bit of help with adding more pages.
  The current setup has about 50 pages and i need to add 5 more. The problem is that when i add a new text frame on these new pages, text does not continue from the previous pages.
  so lets say pages 1-50 are completely full. If i add more text on page 30, text on page 50 does not continue onto page 51 and instead just goes off the frame (i can cut and paste it out onto the next page but this is not really a permanent solution)
  Any idea on how to make the text continue onto successive pages?

  In CS4:
  Go to your Preferences for InDesign
  Click on the Type preferences
  Ensure that Smart Text Reflow is enabled and set the preferences therein.
  Or, you can manually add the pages with the AutoFlow feature in this manner:
  Go to the last page with content.
  Select the text frame with overset text (shows the red + in the out port).
  Click the out port. The cursor should change to indicate loaded text.
  Press the Delete key to delete the text frame
  Hold down the Shift Key. The cursor should change to a lazy S shape.
  Poistion the cursor at where the top left corner of the original text frame was and click.
  This will recreate the text frame that was just deleted and flow the text to as many additional pages as needed. If you have a master text frame, it should honor that. If not, then it will fill the defined margins and/or columns of the pages.
  This works in CS4 and earlier versions.
  -mt

• Cisco WLC WebAuth Page Not Found

  Hi All,
  I'm using Cisco VWLC 7.4.100.60, I'm facing a problem of the internal web auth with Local Net User , any client access the guest SSID, which can re-direct to the virtual port ip http://1.1.1.1/login.html, but browser also show page not found.
  May I know how can I fix it?
  Many Thanks!
  hang

  Can be many things... first off, make sure DNS is working and that the guest homepage is not a secure web site (https).  Also make sure you didn't add and DNS hostname in the VIP interface unless you installed a cert and the FQDN is resolving.  Here is a good guide:
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080bf7d89.shtml
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• ISE Guest portal CWA - Webauth exit button on Login Successful page not working (Safari and Chrome)

  Hello
  Has anyone else experienced the issue where this exit button works when IE is used to login to the ISE Guest portal, but not when Chrome is used. Same for Safari (from IPAD).
  Sent from Cisco Technical Support iPad App

  Google Chrome is not a fully supported browser  for use with the Administrative User Interface of the Identity Services Engine  (ISE), Version 1.1.3 and earlier.

• Cisco 5760 - Anchor config issue

  Hi,
  I am having an issue where the 5760 Anchor WLC has 4 Subnets but half of the VLANS need to go to a seperate gateway and the other half to another gateway.
  Below image is what the network looks like:
  The router (Content Filtering) is the Gateway for 4 x SSID’s/VLANs
  The Firewall is the Gateway for the Management VLAN
  The issue here is that we have 2 separate Gateways and there is no way to define separate gateways for each VLAN on the 5760 WLC
  We have an default IP route 0.0.0.0 0.0.0.0 10.1.1.254 which is pointing to the Firewall. The firewall is not the gateway for the other 4 x SSID/VLANs that exist on the Anchor so we do not want all traffic going to the Firewall, only management traffic.
  Is there a way to set different gateways for different subnets/VLANs on the 5760 WLC? Keeping in mind that there is an default route pointing to the Firewall.
  Also does the 5760 WLC acts as a Layer 3 device?
  Thanks

  All types of deployments listed below for the Anchor configuration.
  Case solution :
  Wireless WebAuth and Guest Anchor Solutions
  The following sections show a WebAuthentication (WebAuth) configuration and Guest Anchor examples on the CT5760.
  Note For a complete webauth configuration, please download the webauth bundle from the following URL: http://software.cisco.com/download/release.html?mdfid=284397235&softwareid=282791507&
  release=3.2.2&relind=AVAILABLE&rellifecycle=&reltype=latest .The readme file has all the GUI and CLI configuration for webauth.
  Configure Parameter-Map Section in Global Configuration
  The parameter map connection configuration mode commands allow you to define a connection- type parameter map. After you create the connection parameter map, you can configure TCP, IP, and other settings for the map.
  ! First section is to define our global values and the internal Virtual Address.
  ! This should be common across all WCM nodes.
  PARAMETER-MAP TYPE WEBAUTH GLOBAL?
  VIRTUAL-IP IPV4 192.0.2.1
  PARAMETER-MAP TYPE WEBAUTH WEBPARALOCAL?
  TYPE WEBAUTH?
  BANNER TEXT ^C WEBAUTHX^C
  REDIRECT ON-SUCCESS HTTP://9.12.128.50/WEBAUTH/LOGINSUCCESS.HTML
  REDIRECT PORTAL IPV4 9.12.128.50
  Configure Customized WebAuth Tar Packages
  Transfer each file to flash:
  copy tftp://10.1.10.100/WebAuth/webauth/ webauth_consent.html flash:webauth_consent.html
  copy tftp://10.1.10.100/WebAuth/ webauth_success.html flash: webauth_success.html
  copy tftp://10.1.10.100/WebAuth/ webauth_failure.html flash: webauth_failure.html
  copy tftp://10.1.10.100/WebAuth/ webauth_expired.html flash: webauth_expired.html
  Configure Parameter Pap with Custom Pages
  parameter-map type webauth webparalocal
  type webauth
  custom-page login device flash:webauth_consent.html
  custom-page success device flash:webauth_success.html
  custom-page failure device flash: webauth_failure.html
  custom-page login expired device flash:webauth_expired.html
  Configure Parameter Map with Type Consent and Email Options
  parameter-map type webauth webparalocal
  type consent
  consent email
  custom-page login device flash:webauth_consent.html
  custom-page success device flash:webauth_success.html
  custom-page failure device flash:webauth_failure.html
  custom-page login expired device flash:webauth_expired.html
  Configure Local WebAuth Authentication
  username guest password guest123
  aaa new model
  dot1x system-auth-control
  aaa authentication login EXT_AUTH local
  aaa authorization network EXT_AUTH local
  aaa authorization network default local
  or
  aaa authentication login default local
  aaa authorization network default local
  Configure External Radius for WebAuth
  aaa new model
  dot1x system-auth-control
  aaa server radius dynamic-author ?
  client 10.10.200.60 server-key cisco ?server-key cisco ?
  auth-type any
  radius server cisco
  address ipv4 10.10.200.60 auth-port 1812 acct-port 1813
  key cisco
  aaa group server radius cisco server name cisco
  aaa authentication login EXT_AUTH group cisco
  or
  aaa authentication login default group cisco
  Configure WLAN with WebAuth
  wlan Guest-WbAuth 3 Guest-WbAuth
  client vlan 100
  mobility anchor 192.168.5.1
  no security wpa
  no security wpa akm dot1x
  no security wpa wpa2
  no security wpa wpa2 ciphers aes
  security web-auth
  security web-auth authentication-list EXT_AUTH
  security web-auth parameter-map webparalocal
  no shutdown
  Configure HTTP Server in Global Configuration
  !--- These are needed to enable Web Services in the Cisco IOS® software.
  ip http server
  ip http secure-server
  ip http active-session-modules none
  Other Configurations to be Checked or Enabled
  !--- These are some global housekeeping Cisco IOS® software commands:
  ip device tracking
  ip dhcp snooping
  SNMP Configuration
  From the CT5760 console, configure the SNMP strings.
  snmp---s er v er co mmuni t y p ub l i c r o
  snmp---s er v er co mmuni t y p r i v a t e r w
  IPv6 Configuration
  IPv6 is supported on the data path. Wireless clients will be able to get an IPv6 address.
  Enable IPv6 Snooping - CT5760
  There are slight differences in configurations on a CT5760 when configuring IPv6. To enable IPv6 on a CT5760, the following step must be completed.
  ipv6 nd raguard attach-policy testgaurd
  Trusted-port
  Device-role router
  interface TenGigabitEthernet1/0/1
  description Uplink to Core Switch
  switchport trunk native vlan 200
  switchport mode trunk
  ipv6 nd raguard attach-policy testgaurd
  ip dhcp snooping trust
  Enable IPv6 on Interface - CT5760
  Based on interfaces that need IPv6 configurations and the type of address needed, respective configurations are enabled as follows. IPv6 configurations are enabled on VLAN200.
  vlan configuration 100 200
  ipv6 nd suppress
  ipv6 snooping
  interface Vlan100
  description Client VLAN
  ip address 10.10.100.5 255.255.255.0
  ip helper-address 10.10.100.1 2001:DB8:0:10::1/64
  ipv6 address FEC0:20:21::1/64
  ipv6 enable

• Attach WAP4410N as WGB to Cisco 5760 WLC with LWAP 3702

  I have 5760 WLC with 3702 wireless infrastructure. Can i connect a WAP4410N AP as WGB to be attached to my current wifi network so i can provide connectivity to some wired devices? Any tips on doing so? And any limitation can be imposed for using this WAP instead of any other AP that are supported by WLC5760? If the wired clients are passive, configuring passive-client on WLC will work normally?

  Thanks Eric for the reply, however, this AP is not expected to be controlled by WLC as you mentioned since it is not lightweight and not supported by this WLC for compatibility. But in this scenario, i'm talking about operating it in WGB mode to be attached to the unified wireless infrastructure. In this scenario, it is just attached as a client that pass the traffic of its clients to the other side.
  I have noticed the below statement in this guide page (539)
  http://hcsdemo.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/37e/consolidated_guide/b_37e_consolidated_3650_cg.pdf
  When non-Cisco WGBs are used, the switch has no information about the IP address of the clients on the wired segment behind the WGB. Without this information, the switch drops the following types of messages:
  • ARP REQ from the distribution system for the WGB client.
  • ARP RPLY from the WGB client.
  • DHCP REQ from the WGB client.
  • DHCP RPLY for the WGB client.
  Accordingly, if the switch will drop all this traffic, then no traffic will be passed from the WGB clients to the network ! what I’m missing here?!!!

• Report Server Success Page

  Hi,
  Where does the html/htm file for "success
  completion" resides ?
  Regards,
  Izabella.

  hi,
  this page is created on the fly by the server. there is no way to change that.
  regards,
  the oracle reports team

• Query: Cisco 5760 WLC

  Hi All,
  I'm looking at the feature set offered by the 5760 so far I like it.
  However  find it bit hard to locate an "all in one" configuration guide for the platform.
  I came across individual pieces of the config guide which is based on CLI -IOS XE
  http://www.cisco.com/en/US/partner/products/ps12598/products_installation_and_configuration_guides_list.html
  What I'm after is a configuration guide similar to what we have for IOS 7.0 train which includes configurations done via GUI.
  Unless I need to fine tune or debug  I'm happy with the GUI when it comes to WLCs :-)
  On a side note, would there be a chassis based equivalent to the 5760 ?
  Any help is much appreciated.
  Thanks,
  Janesh

  That is the only guides out right now. I guess you will have to wait a while before some better "How to Guides" be one available. As far as the chassis, I believe they will, but not anytime soon.
  Sent from Cisco Technical Support iPhone App

• Webauth and disclaimer page

  In passthrough mode you use the WLC builtin web disclaimer page. With webauth, there's a built-in webauth page. Is it possible to have both? I want users to webauth and accept a disclaimer. Can this be done by uploading to the WLC a custome webpage?

  not natively in the WLC.  from our persepective once we receive the value that they have passed, either auth or accepted the disclaimer they are good to go.  it may be possible to code a customer page where you could have a disclaimer, and a next button, where the new page is authenticaiton, but I'm not sure it would work on the WLC, as we have limited space.  you should be able to accomplish this with an external webserver though.

• CISCO ACE forward to Sorry page

  Hello everyone,
  I have a problem with Cisco ACE. I want to view Sorry pages when primary server farm is not available, but this sorry pages should be loaded from other server farm with specific URL.
  When my site (https://www.mysite.com) is not available and all my servers in server farm is shutdown clients who visit page should see on main pages (https://www.mysite.com) Sorry Pages, this sorry pages is on other server farm in specific url. 
  So my question is: How to redirect client to other server farm to specific URL where is static pages for example /folder/maintenance.html?

  You cannot add a normal host in a redirect serverfarm:
  ====not good=====
  host1/Admin(config)# rserver BSERVER3
  host1/Admin(config-rserver-host)# ip address 192.168.12.6
  host1/Admin(config-rserver-host)# inservice
  host1/Admin(config-rserver-host)# exit
  host1/Admin(config)# serverfarm redirect SFARM2
  host1/Admin(config-sfarm-redirect)# rserver BSERVER3
  host1/Admin(config-sfarm-redirect-rs)# inservice
  host1/Admin(config-sfarm-redirect-rs)# exit
  =======
  To acheive what you want you will need to create a redirect serverfarm and a backup serverfarm and use layer7 classification. something like this:
  dvishwak/Admin(config)# rserver redirect SERVER4
  dvishwak/Admin(config-rserver-redir)# webhost-redirection http://%h/folder/maintenance.html 301
  dvishwak/Admin(config-rserver-redir)# inservice
  dvishwak/Admin(config-rserver-host)# exit
  dvishwak/Admin(config)# serverfarm redirect SFARM4
  dvishwak/Admin(config-sfarm-redirect)# predictor roundrobin
  dvishwak/Admin(config-sfarm-redirect)# rserver SERVER4
  dvishwak/Admin(config-sfarm-redirect-rs)# inservice
  dvishwak/Admin(config-sfarm-redirect-rs)# exit
  dvishwak/Admin(config)# rserver BSERVER3
  dvishwak/Admin(config-rserver-host)# ip address 192.168.12.6
  dvishwak/Admin(config-rserver-host)# inservice
  dvishwak/Admin(config-rserver-host)# exit
  dvishwak/Admin(config)# serverfarm host SFARM3
  dvishwak/Admin(config-sfarm-redirect)# rserver BSERVER3
  dvishwak/Admin(config-sfarm-redirect-rs)# inservice
  dvishwak/Admin(config-sfarm-redirect-rs)# exit
  dvishwak/Admin(config)# class-map type http loadbalance match-any MATCH-SORRY
  dvishwak/Admin(config-cmap-http-lb)# match http url /folder/maintenance.html
  dvishwak/Admin(config)# policy-map type loadbalance first-match L7SLBPOLICY
  dvishwak/Admin(config-pmap-lb)# class MATCH-SORRY
  dvishwak/Admin(config-pmap-lb-c)# serverfarm SFARM3dvishwak/Admin(config-pmap-lb-c)# exit
  dvishwak/Admin(config-pmap-lb)# class class-default
  dvishwak/Admin(config-pmap-lb-c)# serverfarm SFARM1 backup SFARM4
  This way the backup SFARM4 will redirect to your desired page while still keeping the URL what you desire, and when the redirect hits us back on the same VIP we catch in the layer 7 class MATCH-SORRY and send it to your desired server.
  -Regards,
  Devendra Vishwakarma
  -=Please rate helpful posts and mark answers=-