Cisco 5760 WebAuth "Consent Success Page"
I've downloaded the WebAuth bundle from cisco.com and uploaded to a Cisco 5760 software version 3.6
It is all functioning correctly, except one aspect.
After the user reads the AUP and clicks the submit button they are sent to a "Consent Success Page" that reads "Thanks for Accepting our Consent" and will redirect to the ios configured redirectURL after 5 seconds.
Has anyone come across this? Can anyone advise how I customise this "Consent Success Page"? It doesn't appear to load the success.html page that I've configured below.
parameter-map type webauth global
type webconsent
virtual-ip ipv4 1.1.1.1
max-http-conns 100
intercept-https-enable
parameter-map type webauth PublicWiFi
type consent
consent email
redirect on-success http://bbc.co.uk
custom-page login device flash://consent/pub/consent.html
custom-page success device flash://consent/pub/success.html
custom-page failure device flash://consent/pub/failed.html
custom-page login expired device flash://consent/pub/logout.html
logout-window-disabled
May be the bug CSCup67821 with no workaround
Similar Messages
-
Hi,
Every time I want to have access to the Cisco Unified CM Console (System version: 7.0.1.11000-2), I use the https://10.10.x.x/ccmadmin/showHome.do homepage on my client computer, but when I open the page, I get a SSL certificate error, stating no trust to this webpage security certificate and if I those "continue to this page (not recommended)", I get access to the Cisco Unified CM Console web page.
I have tried to add the https://IP-adress to secure web pages in Internet Explorer 7, but this to no avail, it does not help.
How do I add this certificate to a trusted something, so I do not get this warning every time I open the page?
Kind regards,
Carl-MariusHi Michael,
It worked when I change the IP-address to the name that was written in the certificate, and imported the certificate to Internet Explorer.
Thank you for your fast and very precise help!
Kind regards,
Carl-Marius -
How do I create a reusable success page?
I have an application containing a large number of "form on report" pages. I wish to provide a success page confirmation to the user when the "apply changes" (update) or "create" (insert) button on the form is activated.
I wish to avoid having to have a dedicated success page for each Report/Form pair in the application and to make the redirect links dynamic so that the calling form page number is associated with the "Create Another Record" link and the associated report (search) page is linked via the "Return to Search Page"
Current success page:*
The success page displays two options:
1. "*Create Another Record*" (returns to the calling form)
2. "*Return to Search Page*" (returns to the report page associated with the calling form )
In the example below the redirect page numbers (in bold) are hard coded for a specific report/form combination:
"a href="f?p=&APP_ID.:22:&SESSION.:::22" class="instructiontext">
img src="#IMAGE_PREFIX#menu/add_record_64.gif" border=0 width="64" height="64" alt="Insert Another" title="Insert Another" /><br
Insert Another</a
</td
td align="center">
a href="f?p=&APP_ID.:21:&SESSION.:::21" class="instructiontext">
<img src="#IMAGE_PREFIX#menu/search_64.gif" border=0 width="64" height="64" alt="View Report" title="View Report" /><br
View Report</a"
Note: HTML tags above modified so that the code is read as text.
Any help would be much appreciated.
Meagain
Edited by: user8878108 on 19/01/2010 16:01
Edited by: user8878108 on 19/01/2010 16:02
Edited by: user8878108 on 19/01/2010 16:04Varad,
Apologies for making a labour of this.
I was sure I carried out all steps you described, religiously. Following is a step-wise explanation of exactly what I did:
*1.* Created 2 Application level items g_form and g_rpt. (Using Shared Components /Logic/Application Items)
*2.* Created 2 Application level processes eg for Report and Form, (Using Shared Components /Logic/Application Processes) with the following source code:
+:g_rpt := :app_page_id;+
+:g_form := :app_page_id;+
and a Process Point set to +"On Load: Before Header (page template header)"+
*3.* Added a Condition Type
+"Current Page is Contained Within Expression 1 (comma delimited list of pages)"+
*4.* Added the list of report pages under Expression 1
+21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53+
I am making the following presumptions:
*1.* I am presuming that the reports page list will cause the before header application level process to be invoked whenever the user navigates to any one of the report pages listed in "Expression 1". At which point the value of the g_rpt will be reset to that page number.
*2.* There is no need to invoke the application process from the individual pages themselves as the g_rpt and g_form values are set automatically and remain in place until different form or report page is opened invoking the application level process.
Are these presumptions correct, and if so, can you see any fault in the referencing on the successpage itself?
"a href="f?p=&APP_ID.:g_form:&SESSION.:::g_form" class="instructiontext">
img src="#IMAGE_PREFIX#menu/add_record_64.gif" border=0 width="64" height="64" alt="Create Another Record" title="Create Another Record" /><br Create Another Record</a
</td
td align="center">
a href="f?p=&APP_ID.:g_rpt:&SESSION.:::g_rpt" class="instructiontext">
<img src="#IMAGE_PREFIX#menu/search_64.gif" border=0 width="64" height="64" alt="Return to Search Page" title="Return to Search Page" /><brReturn to Search Page</a"
Cheers,
Meagain -
Add a hyperlink to SSPR success page
Is it possible to add a hyperlink to the FIM 2010 R2 sspr success page after a password reset?
I know you can customize text by modifying the strings.resource file, but I can't seem to add a hyperlink.
If I type out the HTML tag it doesn't work.
Cheers
IT Support/EverythingHi,
Unfortunately that didn't work - the cdata tag is simply displayed in the browser, can you see anything wrong with the strings.resources below:
<!-- Customizations begin here -->
<data name="ResetUseNewPassword" xml:space="preserve">
<value>You can now use your new password to log in - <![CDATA[a href="https://webapp.contoso.com">webapp.contoso.com</a>]]></value>
</data>
</root>
thx
IT Support/Everything -
Hi,
I am configuring up a Cisco 5760 WLC and wondering if it is required to put in a default route? In this document it says to put one in but i dont see why it is needed as it is connected to a switch via a layer 2 Trunk.
Reference:
https://supportforums.cisco.com/docs/DOC-34430
Another question, since there is no more Dynamic Interfaces and they are replaced with Layer 2 & 3 interfaces instead. Do all Layer 2 interfaces you create require a layer 3 interface IP address to be configured also? As shown below:
ThanksSo by default the 5760 has IP routing enabled so you will need to put in a default route. A default gateway won't work unless you disable IP routing first.
Sent from Cisco Technical Support iPhone App -
Cisco 5760 controller in centralized mode supports 4404 controller as anchor controller?
Hello All,
I have a cisco 5760 controller running in centralized mode. I want to configure one 4404 controller as anchor controller to work with the 5760 controller. Is this supported?.
Thanks in advance
ShabeebNo, It is not supported.
You cannot have a mobility peer with 5760 unless you enable "new mobility" on its peer . In CUWN products this is supported in 5508/WiSM2/8510 on specific codes. In current supported codes it has to be 7.6.x or 8.x.
As you know 4400 only supported upto 7.0.x code. So new mobility is not supported, hence you cannot peer with CA products.
In case if you have a "new mobility" supported WLC, here how you configure it
http://mrncciew.com/2014/05/06/configuring-new-mobility/
HTH
Rasika
**** Pls rate all useful responses **** -
Continuing text on successive pages
I am editing a catalog/book that was designed by someone else and need a bit of help with adding more pages.
The current setup has about 50 pages and i need to add 5 more. The problem is that when i add a new text frame on these new pages, text does not continue from the previous pages.
so lets say pages 1-50 are completely full. If i add more text on page 30, text on page 50 does not continue onto page 51 and instead just goes off the frame (i can cut and paste it out onto the next page but this is not really a permanent solution)
Any idea on how to make the text continue onto successive pages?In CS4:
Go to your Preferences for InDesign
Click on the Type preferences
Ensure that Smart Text Reflow is enabled and set the preferences therein.
Or, you can manually add the pages with the AutoFlow feature in this manner:
Go to the last page with content.
Select the text frame with overset text (shows the red + in the out port).
Click the out port. The cursor should change to indicate loaded text.
Press the Delete key to delete the text frame
Hold down the Shift Key. The cursor should change to a lazy S shape.
Poistion the cursor at where the top left corner of the original text frame was and click.
This will recreate the text frame that was just deleted and flow the text to as many additional pages as needed. If you have a master text frame, it should honor that. If not, then it will fill the defined margins and/or columns of the pages.
This works in CS4 and earlier versions.
-mt -
Cisco WLC WebAuth Page Not Found
Hi All,
I'm using Cisco VWLC 7.4.100.60, I'm facing a problem of the internal web auth with Local Net User , any client access the guest SSID, which can re-direct to the virtual port ip http://1.1.1.1/login.html, but browser also show page not found.
May I know how can I fix it?
Many Thanks!
hangCan be many things... first off, make sure DNS is working and that the guest homepage is not a secure web site (https). Also make sure you didn't add and DNS hostname in the VIP interface unless you installed a cert and the FQDN is resolving. Here is a good guide:
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080bf7d89.shtml
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered" -
Hello
Has anyone else experienced the issue where this exit button works when IE is used to login to the ISE Guest portal, but not when Chrome is used. Same for Safari (from IPAD).
Sent from Cisco Technical Support iPad AppGoogle Chrome is not a fully supported browser for use with the Administrative User Interface of the Identity Services Engine (ISE), Version 1.1.3 and earlier.
-
Cisco 5760 - Anchor config issue
Hi,
I am having an issue where the 5760 Anchor WLC has 4 Subnets but half of the VLANS need to go to a seperate gateway and the other half to another gateway.
Below image is what the network looks like:
The router (Content Filtering) is the Gateway for 4 x SSID’s/VLANs
The Firewall is the Gateway for the Management VLAN
The issue here is that we have 2 separate Gateways and there is no way to define separate gateways for each VLAN on the 5760 WLC
We have an default IP route 0.0.0.0 0.0.0.0 10.1.1.254 which is pointing to the Firewall. The firewall is not the gateway for the other 4 x SSID/VLANs that exist on the Anchor so we do not want all traffic going to the Firewall, only management traffic.
Is there a way to set different gateways for different subnets/VLANs on the 5760 WLC? Keeping in mind that there is an default route pointing to the Firewall.
Also does the 5760 WLC acts as a Layer 3 device?
ThanksAll types of deployments listed below for the Anchor configuration.
Case solution :
Wireless WebAuth and Guest Anchor Solutions
The following sections show a WebAuthentication (WebAuth) configuration and Guest Anchor examples on the CT5760.
Note For a complete webauth configuration, please download the webauth bundle from the following URL: http://software.cisco.com/download/release.html?mdfid=284397235&softwareid=282791507&
release=3.2.2&relind=AVAILABLE&rellifecycle=&reltype=latest .The readme file has all the GUI and CLI configuration for webauth.
Configure Parameter-Map Section in Global Configuration
The parameter map connection configuration mode commands allow you to define a connection- type parameter map. After you create the connection parameter map, you can configure TCP, IP, and other settings for the map.
! First section is to define our global values and the internal Virtual Address.
! This should be common across all WCM nodes.
PARAMETER-MAP TYPE WEBAUTH GLOBAL?
VIRTUAL-IP IPV4 192.0.2.1
PARAMETER-MAP TYPE WEBAUTH WEBPARALOCAL?
TYPE WEBAUTH?
BANNER TEXT ^C WEBAUTHX^C
REDIRECT ON-SUCCESS HTTP://9.12.128.50/WEBAUTH/LOGINSUCCESS.HTML
REDIRECT PORTAL IPV4 9.12.128.50
Configure Customized WebAuth Tar Packages
Transfer each file to flash:
copy tftp://10.1.10.100/WebAuth/webauth/ webauth_consent.html flash:webauth_consent.html
copy tftp://10.1.10.100/WebAuth/ webauth_success.html flash: webauth_success.html
copy tftp://10.1.10.100/WebAuth/ webauth_failure.html flash: webauth_failure.html
copy tftp://10.1.10.100/WebAuth/ webauth_expired.html flash: webauth_expired.html
Configure Parameter Pap with Custom Pages
parameter-map type webauth webparalocal
type webauth
custom-page login device flash:webauth_consent.html
custom-page success device flash:webauth_success.html
custom-page failure device flash: webauth_failure.html
custom-page login expired device flash:webauth_expired.html
Configure Parameter Map with Type Consent and Email Options
parameter-map type webauth webparalocal
type consent
consent email
custom-page login device flash:webauth_consent.html
custom-page success device flash:webauth_success.html
custom-page failure device flash:webauth_failure.html
custom-page login expired device flash:webauth_expired.html
Configure Local WebAuth Authentication
username guest password guest123
aaa new model
dot1x system-auth-control
aaa authentication login EXT_AUTH local
aaa authorization network EXT_AUTH local
aaa authorization network default local
or
aaa authentication login default local
aaa authorization network default local
Configure External Radius for WebAuth
aaa new model
dot1x system-auth-control
aaa server radius dynamic-author ?
client 10.10.200.60 server-key cisco ?server-key cisco ?
auth-type any
radius server cisco
address ipv4 10.10.200.60 auth-port 1812 acct-port 1813
key cisco
aaa group server radius cisco server name cisco
aaa authentication login EXT_AUTH group cisco
or
aaa authentication login default group cisco
Configure WLAN with WebAuth
wlan Guest-WbAuth 3 Guest-WbAuth
client vlan 100
mobility anchor 192.168.5.1
no security wpa
no security wpa akm dot1x
no security wpa wpa2
no security wpa wpa2 ciphers aes
security web-auth
security web-auth authentication-list EXT_AUTH
security web-auth parameter-map webparalocal
no shutdown
Configure HTTP Server in Global Configuration
!--- These are needed to enable Web Services in the Cisco IOS® software.
ip http server
ip http secure-server
ip http active-session-modules none
Other Configurations to be Checked or Enabled
!--- These are some global housekeeping Cisco IOS® software commands:
ip device tracking
ip dhcp snooping
SNMP Configuration
From the CT5760 console, configure the SNMP strings.
snmp---s er v er co mmuni t y p ub l i c r o
snmp---s er v er co mmuni t y p r i v a t e r w
IPv6 Configuration
IPv6 is supported on the data path. Wireless clients will be able to get an IPv6 address.
Enable IPv6 Snooping - CT5760
There are slight differences in configurations on a CT5760 when configuring IPv6. To enable IPv6 on a CT5760, the following step must be completed.
ipv6 nd raguard attach-policy testgaurd
Trusted-port
Device-role router
interface TenGigabitEthernet1/0/1
description Uplink to Core Switch
switchport trunk native vlan 200
switchport mode trunk
ipv6 nd raguard attach-policy testgaurd
ip dhcp snooping trust
Enable IPv6 on Interface - CT5760
Based on interfaces that need IPv6 configurations and the type of address needed, respective configurations are enabled as follows. IPv6 configurations are enabled on VLAN200.
vlan configuration 100 200
ipv6 nd suppress
ipv6 snooping
interface Vlan100
description Client VLAN
ip address 10.10.100.5 255.255.255.0
ip helper-address 10.10.100.1 2001:DB8:0:10::1/64
ipv6 address FEC0:20:21::1/64
ipv6 enable -
Attach WAP4410N as WGB to Cisco 5760 WLC with LWAP 3702
I have 5760 WLC with 3702 wireless infrastructure. Can i connect a WAP4410N AP as WGB to be attached to my current wifi network so i can provide connectivity to some wired devices? Any tips on doing so? And any limitation can be imposed for using this WAP instead of any other AP that are supported by WLC5760? If the wired clients are passive, configuring passive-client on WLC will work normally?
Thanks Eric for the reply, however, this AP is not expected to be controlled by WLC as you mentioned since it is not lightweight and not supported by this WLC for compatibility. But in this scenario, i'm talking about operating it in WGB mode to be attached to the unified wireless infrastructure. In this scenario, it is just attached as a client that pass the traffic of its clients to the other side.
I have noticed the below statement in this guide page (539)
http://hcsdemo.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/37e/consolidated_guide/b_37e_consolidated_3650_cg.pdf
When non-Cisco WGBs are used, the switch has no information about the IP address of the clients on the wired segment behind the WGB. Without this information, the switch drops the following types of messages:
• ARP REQ from the distribution system for the WGB client.
• ARP RPLY from the WGB client.
• DHCP REQ from the WGB client.
• DHCP RPLY for the WGB client.
Accordingly, if the switch will drop all this traffic, then no traffic will be passed from the WGB clients to the network ! what I’m missing here?!!! -
Hi,
Where does the html/htm file for "success
completion" resides ?
Regards,
Izabella.hi,
this page is created on the fly by the server. there is no way to change that.
regards,
the oracle reports team -
Hi All,
I'm looking at the feature set offered by the 5760 so far I like it.
However find it bit hard to locate an "all in one" configuration guide for the platform.
I came across individual pieces of the config guide which is based on CLI -IOS XE
http://www.cisco.com/en/US/partner/products/ps12598/products_installation_and_configuration_guides_list.html
What I'm after is a configuration guide similar to what we have for IOS 7.0 train which includes configurations done via GUI.
Unless I need to fine tune or debug I'm happy with the GUI when it comes to WLCs :-)
On a side note, would there be a chassis based equivalent to the 5760 ?
Any help is much appreciated.
Thanks,
JaneshThat is the only guides out right now. I guess you will have to wait a while before some better "How to Guides" be one available. As far as the chassis, I believe they will, but not anytime soon.
Sent from Cisco Technical Support iPhone App -
In passthrough mode you use the WLC builtin web disclaimer page. With webauth, there's a built-in webauth page. Is it possible to have both? I want users to webauth and accept a disclaimer. Can this be done by uploading to the WLC a custome webpage?
not natively in the WLC. from our persepective once we receive the value that they have passed, either auth or accepted the disclaimer they are good to go. it may be possible to code a customer page where you could have a disclaimer, and a next button, where the new page is authenticaiton, but I'm not sure it would work on the WLC, as we have limited space. you should be able to accomplish this with an external webserver though.
-
CISCO ACE forward to Sorry page
Hello everyone,
I have a problem with Cisco ACE. I want to view Sorry pages when primary server farm is not available, but this sorry pages should be loaded from other server farm with specific URL.
When my site (https://www.mysite.com) is not available and all my servers in server farm is shutdown clients who visit page should see on main pages (https://www.mysite.com) Sorry Pages, this sorry pages is on other server farm in specific url.
So my question is: How to redirect client to other server farm to specific URL where is static pages for example /folder/maintenance.html?You cannot add a normal host in a redirect serverfarm:
====not good=====
host1/Admin(config)# rserver BSERVER3
host1/Admin(config-rserver-host)# ip address 192.168.12.6
host1/Admin(config-rserver-host)# inservice
host1/Admin(config-rserver-host)# exit
host1/Admin(config)# serverfarm redirect SFARM2
host1/Admin(config-sfarm-redirect)# rserver BSERVER3
host1/Admin(config-sfarm-redirect-rs)# inservice
host1/Admin(config-sfarm-redirect-rs)# exit
=======
To acheive what you want you will need to create a redirect serverfarm and a backup serverfarm and use layer7 classification. something like this:
dvishwak/Admin(config)# rserver redirect SERVER4
dvishwak/Admin(config-rserver-redir)# webhost-redirection http://%h/folder/maintenance.html 301
dvishwak/Admin(config-rserver-redir)# inservice
dvishwak/Admin(config-rserver-host)# exit
dvishwak/Admin(config)# serverfarm redirect SFARM4
dvishwak/Admin(config-sfarm-redirect)# predictor roundrobin
dvishwak/Admin(config-sfarm-redirect)# rserver SERVER4
dvishwak/Admin(config-sfarm-redirect-rs)# inservice
dvishwak/Admin(config-sfarm-redirect-rs)# exit
dvishwak/Admin(config)# rserver BSERVER3
dvishwak/Admin(config-rserver-host)# ip address 192.168.12.6
dvishwak/Admin(config-rserver-host)# inservice
dvishwak/Admin(config-rserver-host)# exit
dvishwak/Admin(config)# serverfarm host SFARM3
dvishwak/Admin(config-sfarm-redirect)# rserver BSERVER3
dvishwak/Admin(config-sfarm-redirect-rs)# inservice
dvishwak/Admin(config-sfarm-redirect-rs)# exit
dvishwak/Admin(config)# class-map type http loadbalance match-any MATCH-SORRY
dvishwak/Admin(config-cmap-http-lb)# match http url /folder/maintenance.html
dvishwak/Admin(config)# policy-map type loadbalance first-match L7SLBPOLICY
dvishwak/Admin(config-pmap-lb)# class MATCH-SORRY
dvishwak/Admin(config-pmap-lb-c)# serverfarm SFARM3dvishwak/Admin(config-pmap-lb-c)# exit
dvishwak/Admin(config-pmap-lb)# class class-default
dvishwak/Admin(config-pmap-lb-c)# serverfarm SFARM1 backup SFARM4
This way the backup SFARM4 will redirect to your desired page while still keeping the URL what you desire, and when the redirect hits us back on the same VIP we catch in the layer 7 class MATCH-SORRY and send it to your desired server.
-Regards,
Devendra Vishwakarma
-=Please rate helpful posts and mark answers=-
Maybe you are looking for
-
Hi All I create logical port in LPCONFIG for a WS and i put the proxy class and logcal port (just variable like abc ) i choose defult port and in runtime i choose webservice and in in call parameters in URL i put the WSDl of the WS i create via se37
-
Boot Camp Assistant says There is no USB drive connected to the system
I have a mid-2012 11" Macbook Air and a USB Superdrive. I am trying to use Boot Camp Assistant but it is not letting me proceed. With the Superdrive plugged and Windows 7 (full version) DVD in the drive, I get the message "No USB Drive" – "There is n
-
Reconfigure/Expand/Replace HD's in G5 Opinions Needed
Hi, For some time I have needed to update my configuration of my hard drives on my dual 2.0 G5. I need more space and adequate backup in an organized and efficient setup. I'm a Photographer and Graphic Designer so I work with large files. Currently R
-
When I try to install the latest version of iTunes, during the installation I get error messages saying that a program is trying to change registry and the installation is stopped. After this happens the only way that I can open iTunes is to do a 'sy
-
All, Let me know if you're interested, I'll supply contact details ============================================= A major financial services company in the D.C. area that is looking for Java developers with 5 + years experience in web dev/ internet te