Overwrite image webauth-bundle WLC 5500
Hi,
Does any one knows how to replace an image in webauth-bundle on WLC 5500?
When I run "show custom-web webauth-bundle", I do see the files:
aup.html
login.html
yourlogo.jpg
But, the size of yourlogo.jpg is too big and need to replace with a smaller one.
I have tried (with the appropiate IP and filename):
transfer download mode tftp
transfer download datatype image
transfer download serverip tftp-server-ip-addres
transfer download filename {filename.jpg | filename.gif | filename.png}
but, it does not work.
Thanks very much.
If the size changes, then yes you will need to define that on the html. Anyways, you will need to tar up the files and upload it to the WLC. That is the only way to update a custom webauth, either being a change to the html, image or maybe the AUP.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Similar Messages
-
WLC 5508 - Error When Uploading Webauth Bundle
Currently have a WLC 5508 running 7.4.110.0. I'm trying to upload (download) a webauth bundle to the controller from the web interface and am getting an error. I've tried using FTP, SFTP and TFTP and get a different error with each. When I started out with this, I was using a modified login.tar. Thinking this was the problem, I switched to using the login.tar file included with the Web Authentication Bundle version 1.0.2 downloaded from the Cisco site. This file fails with the errors below. Does anyone have suggestions as to what I'm doing wrong? Is this is a known bug in this version of the software? Thanks!
For FTP:
The web interface shows:
% Error: Webauth Bundle file transfer failed - Unknown error - refer to log.
Log on the controller shows:
*TransferTask: May 28 13:51:12.942: #UPDATE-3-FTP_TRANSFER_FAIL: updcode.c:5631
Error FTP file Transfer [ftp_get], <30>, Read-only file system.
For SFTP:
The web interface shows:
% Error: Webauth Bundle file transfer failed - Unknown error - refer to log.
Log on the controller shows:
*TransferTask: May 28 14:52:58.779: #UPDATE-3-SFTP_TRANSFER_FAIL: updcode.c:5869
Error SFTP file Transfer [sftp_get], <11>, Resource temporarily unavailable.
For TFTP:
The web interface shows:
% Error: Webauth Bundle file transfer failed - Unknown error - refer to log.
Log on the controller shows:
*TransferTask: May 28 15:02:39.232: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4593 Fai
led to open file webauth.tar.
*sshpmReceiveTask: May 28 15:02:39.153: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:10
87 Sema 0x2b32def8 time=11504 ulk=18587678 lk=18576174 Locker(sshpmReceiveTask s
shpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1
647 pc=0x10b079Hi,
1. Did you used PIcozip to compress your webauth bundle?
2. Did you try only with one laptop , if yes then try to use other one.
3. Just try to upload default webauth bundl from cisco to wlc and show the result to us.
7.4.121.0 is very stable version.
Regards -
How to retrieve the webauth-bundle on WLC
Hi all,
I can see the web auth bundle:
(Cisco Controller) show custom-web webauth-bundle
box-bottom.gif
box-left.gif
image.gif
login.html
logo.gif
logout.html
Now I want to download the web bundle( box-buttom.gif, box-left.gif...logo.gif,logout.gif) to my PC. Is it possible, if so, how?Not completley related but might help??
https://supportforums.cisco.com/message/3263628#3263628
Please rate this response thanks -
WLC 5508 - WebAuth Bundle tar error 256
Hi all,
I have a new fresh 5508 release 7.0.98.0
When I try to download (I mean upload to the controller) a customized Webauth bundle in .tar format I have the following message error in the syslog :
*TransferTask: Oct 29 12:56:08.894: %UPDATE-3-UNTAR_CMD_FAIL: updcode.c:2832 Error during untar of webauth bundle. Tar returned 256.
If someon could help me...
ThanksExcellent find, Karl!
I'd just to clarify a bit for those who might not have completely understood this. Note that Karl said all files and folders must have UID root and GID root. Running chown root only changes the UID. To change the GID, you must also run chgrp root . The easiest way to go about this is to create a new directory, copy your current tar file to it and extract, chown and chgrp against ./*, then tar it back up.
su root # alternatively, you can use sudo for chown and chgrp
mkdir weblogintmp
cp weblogin.tar weblogintmp/
cd weblogintmp
tar -xvf weblogin.tar
rm weblogin.tar
chown -R root ./*
chgrp -R root ./*
tar -cvf weblogin-new.tar ./*
## the tar file itself doesn't need to have UID and GID root, only the contents of it does.
Karl also pointed out that this must be done from a Unix/Linux-based operating system that a GID (group ID) literally named root. In BSD-based systems (at least the ones I've worked with, including Mac OSX), the root-equivalent GID is named wheel. The 5508 WLC with 7.0.98.0 will not accept this.
If you do all of this and it still gets rejected by the WLC, consider that there might actually be something else wrong with it. There's a fantastic article in the Documents section of the Security and Network Management group which helped me figure out a couple issues I had in the past:
https://supportforums.cisco.com/docs/DOC-13954
Here's a snippet that pertains to not being able to transfer your webauth bundle to a WLC:
"There are some limitations with custom webauth that varies with versions and bugs. The things to watch for are .tar file size (used to be 1Meg maximum), also the number of files in the .tar as well as the filename length of the files in there (something like 30 characters max for a file)." -
Wlc 5500 authentication timeout
I have a WLC 5500 controller. I have two WLANS (OBSD-Internal and OBSD-BYOD). I have authentication setup to the WLC for the BYOD WLAN using LDAP (users connect with an AD user account). They are required to re authenticate every few minutes. This only happens on the BYOD WLAN (not Internal)
Scott-
Here are the results of the sho WLAN cmd:
(Cisco Controller) >show wlan 3
WLAN Identifier.................................. 3
Profile Name..................................... OBSD BYOD
Network Name (SSID).............................. OBSD-BYOD
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 25
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. Infinity
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ g9c-guest
Multicast Interface.............................. Not Configured
--More-- or (q)uit
WLAN ACL......................................... Guest WiFi Internet Only
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
--More-- or (q)uit
Accounting.................................... Global Servers
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Web Auth
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Local Authentication................... Disabled
H-REAP Learn IP Address....................... Enabled
--More-- or (q)uit
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Mobility Anchor List
WLAN ID IP Address Status -
Cisco 5508 HA - Webauth Bundle for multiple SSID/multiple web pages
Hi Guys,
I have 2* cisco 5508 WLC in HA mode . Both are running IOS 7.5.102.0 . Everything is working perfectly fine.
I need to Creat 3 differnet SSID and Creat 3 different login Pages for them . Each user from respective SSID will get specified login Page. like
I have few questions :
1) I have downloaded webauth bundle from cisco Support Site and in that itself so many files are there. So based on my scenario , in which folder do i need to copy my login and logo file.
2) i have used Picozip to convert the file in .tar format but its giving me following error "
% Error: Webauth Bundle file transfer failed - No reply from the TFTP serve" but i can ping my tftp server easliy.
3) As Controllers are in HA mode , so once i am successful in uploading webauth bundle then it will be replicated on secondary controller or do i have to turn off SSO and upload in both one by one.
Please help me out in this.
CheersHello Sandeep,
i have uploaded the tar which you have sent to me. When i supply my username and pwd, after that it keeps on going and not showing any end result. so it stays on same page and nothing happening after that.
Are there any more radius ACL's to be defined ? 10.10.13.x is wireless client network , 192.168.10.21 is Radius Server , 192.168.10.215 is proxy server. Is there any other ACL need to be defined ??
Source Destination Source Port Dest Port
Index Dir IP Address/Netmask IP Address/Netmask Prot Range Range DSCP Action Counter
1 Any 10.10.13.0/255.255.255.0 192.168.10.21/255.255.255.255 Any 0-65535 0-65535 Any Permit 0
2 Any 192.168.10.21/255.255.255.255 10.10.13.0/255.255.255.0 Any 0-65535 0-65535 Any Permit 0
3 Out 10.10.13.0/255.255.255.0 1.1.1.1/255.255.255.255 Any 0-65535 0-65535 Any Permit 0
4 In 1.1.1.1/255.255.255.255 10.10.13.0/255.255.255.0 Any 0-65535 0-65535 Any Permit 0
5 Any 10.10.13.0/255.255.255.0 192.168.10.215/255.255.255.255 Any 0-65535 0-65535 Any Permit 98
6 Any 192.168.10.215/255.255.255.255 10.10.13.0/255.255.255.0 Any 0-65535 0-65535 Any Permit 98
DenyCounter : 12 -
Hi,
I have a WLC 5500 with image 7.0.98, and I can not use bonjour services.
My broadcast and multicast are enabled.
Ethernet Multicast Forwarding............... Enable
Ethernet Broadcast Forwarding............... Enable
AP Multicast/Broadcast Mode................. Multicast Address : 235.0.0.1
IGMP snooping............................... Enabled
the only thing that makes me crazy, is that I am migrating from all the network 3com, to CISCO, now all my switches, and routers are Cisco, my new wlan is CISCO, but for some reasons I have to use for a while the old wireless 3com infraestructure, and I dont have any issue like this in 3com wireless.
I really does not what to do.
Any idea???Just curious.. Since we are using Multicast - Multicast mode..make sure the Multicast routing should be enabled on..
>> MGMT interface and AP manager int's int VLAN where the routing is happening
>> VLAN on which the AP are lying
>> VLAN on whihc the clients are on.
Ex - If the Management and the AP manager is on VLAN 10 and AP are in VLAn 20 and CLients are on VLAN 30, then on VLANs 10, 20, 30 the multicast routing should be enabled..
Regards
Surendra -
Hai all ,
Recectly we replaced Cisco 2100 Series LAN controller to Cisco 5508 Wirless LAN controller , I downloaded WebAuth Bundle from my Old LAN Controller ,when i am trying to upload to my New Wireless LAN controller ,its not uploading and also it gave me uploading failure error message .Was it a customized webauth that you had on your 2106? When you say downloaded it from the 2106, you mean you previewed the webauth page and right clicked and then view source and saved that as login.html along with any images? I do that all the time, and as long as you tar the file up correctly and it's under 1MB you should be okay.
Thanks,
Scott Fella
Sent from my iPhone -
Webauth bundle (where?)
I have a WLC 4402 ver 4.2. I'm working on getting guest wireless working with web authentication. The documentation speaks of downloadable webauth bundles. What are they and where do I get them? I imagine them as being a skin of sorts to modify the internal auth page.
--PatrickHi,
I am experience the same issue(I think). New cust-bundle, used exactly the same code for the scripts that are in the sample but can't authenticate. It halts in the redirectpage with the new URL. Odd thing is that the WLC not even succeed to authenticate the user.
Any progress from TAC? -
Hello,
I am going to deploy Cisco ISE with WLC 5500. I have two kinds of users one for which I want to deploy just open access Wi-Fi network, without working with Cisco ISE and Second group of Users for which I want to deploy Cisco ISE services like advanced authentication, posture and profiling. For both users I have just one WLC. Is there any problem to just deploy two SSID one for open access (without Cisco ISE) and second Secure with Cisco ISE ?Thank you for helping.
I have read your proposed document, but didn't understand details beside SNMP probes.
The reason I don't want to enable ISE authentication/profiling and posture for guest is that I don't have enough licenses for all guests. I am planning to create separate SSID for guest which will have just open “authentication” without any key or ISE. In this case why ISE will profile guest users, it even doesn’t be associated with this WLAN profile? -
WLC 5500 802.1x problems
So here is the problem that i have.
I have a WLC 5500 in site A ( let´s say city A too ) with its own set of wlans ( wlan 1 , wlan 2 ... ) that are used to differentiate different types of users ( teachers, students, etc ) using a RADIUS server and a AD for this client and using 802.1x. Everything on site A is working fine.
Now i´m trying so set an access point in site B ( in city B ) with its own set of wlans ( wlan X, wlan Y ... ) that is also used to differentiate clients, site B as its own DHCP, its own RADIUS and its own AD. I´ve managed to connect the access point to the WLC and set wlans for site B. My problem now is that when a user tries to connect to wlan X and he is suppose to be in wlan Y, he is not forwarded to wlan Y and is left in wlan X. I´ve also configured HREAP.
Does anyone as any idea why the clients aren't being assigned to the correct wlan??
I´ve checked in the Radius server and its sending the correct wlan to the user.
I now that the text is probably a little bit confusing, but i hope that someone can help me.
Thanks in advanced.You are right, it is not supported:
Note: If the APs are in H-REAP mode and locally switched at the remote site, the dynamic assignment of users to a specific VLAN based on the RADIUS server configuration is not supported.
Since you can't do dynamic vlan, why not have two policies, one for teachers and the other for students. You will need to have then in seperate groups in AD also. Then filter on the ssid and the AD group, so if students try to access the teachers ssid using their credentials, they get rejected and vice versa.
I don't know what you mean by connecting two site without h-reap. The only other way is switching the AP to local mode, which you better have some good bandwidth.
Scott -
Anyone know the structure of a page on java, cause i have a problem to download the .tar is this correct on the structure???
Have you looked at the code for the default webauth or download the webauth bundle form CCO? You can use that HTML code and modify that to your liking. There is also a document on the forum regarding webauth but I don't have the link for that.
Thanks,
Scott Fella
Sent from my iPhone -
Problems applying preboot imaging script bundle w/ 11.3.2
Hi all,
Just wondering if its just me with these issues.
I had our preboot imaging script bundle assigned to the Workstation folder within the ZCC, but since the update to 11.3.2 when attempting to apply the imaging script bundle to a device within the ZCC it throws an error saying that no imaging script bundle is assigned to the device. The only way to get around this issue has been for me to assign the preboot imaging script bundle to each device within our zone, not the folders they exist within.
Another issue I've had is if I select more than one device within the ZCC the action option "apply assigned imaging bundle" is greyed out. If I only select one device I am able to use that option again.
Can anyone else confirm if they're experiencing the same issues?
We're running 3x SLES 11 primaries running 11.3.2, all with the imaging role (our imaging script load balances between the three).
I've tried accessing the ZCC with Internet Explorer, Firefox and Chrome and they all experience the same issue above.
Regards,
MattOriginally Posted by Thomas Degenhardt
Am 17.12.2014 um 02:16 schrieb xvastx:
>
> Hi all,
>
> Just wondering if its just me with these issues.
>
Hello Matt,
we are having the same issues. Did you contact Novell and opened a SR?
Regards,
Thomas
Hey Thomas,
We're on an educational licence so, unfortunately, we don't have any SRs to play with. Hopefully Anders has sent the issue trough to Novell.
Regards,
Matt -
Dear All,
i have WLC 5500 with 50 AP Base license with LAP 3500i APs,
so, do i need license for the WLC to work with the cleanair technology even it software ver 7 ?????
and also i have WCS with base license so do i need a license also for the WCS to work with clean air technology????
thanks
AhmedYou do not need extra license for either WLC or WCS to work with cleanair. But if you buy 10 AP pack 3500 APs, you will get WCS Plus upgrade license (for 100 APs) for free.
More info can be found here:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/qa_c67-604158.html
zhenning -
We have a WLC 5500 apliance, but i have a problem, the APs have a administrative IP in a diferent segment, only conected to WLC the AP have same segment of the management interface, the 5500 don´t have APmanager interface.
How configurate the WLC to conected and administrate all AP with different segment IP
Product Version.................................. 6.0.182.0
chasis: AIR-CT5508-K9You may check this article about the discovery process:
http://tiny.cc/lqu1zw
Now, with what Steve above is trying to say is that with 5508 the management interface itself is the AP manager interface (by default). so, management and ap-manager interfaces are merged into one interface with same IP address. You can change this behavior but this is the default.
The article will tell you what mechanisms can be used to direct the APs to join the WLC even if they are on different subnet.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"
Maybe you are looking for
-
ITunes Migration in Yosemite 10.10.2
I'm a first time user of the OS operating system (using it in the 90s in high school no longer counts), I've followed every step of iTunes library migration methodically that the forum has provided, and I'm stuck. I'm at my wits end. I bought a fresh
-
Can I change PDF font size in ibook
I downloaded a PDF file into ibooks but the font is too small. I don't want to zoom in because then I have to move the file left to right right to left. I would like to change the font size and the document should repaginate itself. Is that possible?
-
In the last few days, when I hit a key to start up the computer, all I will get is a blank screen with the small, multi-colored, rotating disk icon. I can't get out of this unless I hold the power key down for about 5 seconds, which I know is probab
-
Running wordpress blogs as subfolders
Hi, We are moving our site to Azure shortly and I have a question about using Wordpress on Subfolders. Our main website is run using sitecore CMS which is a .net framwork, but we also have a number of blogs which we currently run using wordpress. We
-
How to save contents of JPanel to an image file
Hi, I am using a JPanel to display some primitive shapes(line, circle,etc.) and I need to save the contents of this panel to disk as an image file (JPEG, bitmap, TIFF, etc.). Have searched jdc but've found no feasible results. I would really apprecia