Port 80 for Web authentication?
Hi,
Is it possible to use port 80 for web authentication instead of port 443?
Sure... on the later code versions you can set the WebAuth to use either http or https by disabling WebAuth SecureWeb (http) or enabling it for https.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Similar Messages
-
Guest Parameter for Web Authentication
Hi Forum,
Just to find out a little more detail in regards to the guest account created for web authentication using Ambassador account.
1) If the authenticated guest did not perform a proper logout, what action will the WLC take?
2) As such, is there any timeout involved?
Where can i tune the timeout?
Rdgs,
KelvinHi I just wanted to add what I have found regarding WCS and the guest feature.
-There are two ways to configure a "local net user". The first is a static guest ID that has the "guest" flag off. This means that the client's session will not timeout. The second is to specify the "guest" user checkbox and give it a timeout value in seconds.
This should let you control how long a user is logged in.
From the WLC login, go to SECURITY --> LOCAL NET USERS --> then click on NEW. From there you can specify a user ID and also set that optional guest user box. If you click on the Guest User box then you will see a timeout field.
With my guest account set to not be a guest user (no timeout value), I have noticed the following.
1. If a guest gets disconnected, usually they will reassociate and still be able to log in.
2. If a guest has problems, I usually tell them to disable their wireless card, close all browser windows, and then reassociate to the network.
The steps above have worked well for my setup... -
MAC Exception for Web Authentication
Hello folks. I currently have a guest network setup using guest tunneling and an anchor controller. I have it configured for web authentication. So basically, a client associates to the SSID, obtains an DHCP IP from the guest anchor controller, and then when the browser is launched the client is redirected to 1.1.1.1 and receives the splash page where they are required to click "OK" to proceed and begin surfing the internet.
I am being told from a vendor that it's possible to use a mac-address exception method so specific clients (based on mac address) will not have to web authenticate. So basically they bypass the splash screen and can immediately begin surfing the internet.
From what I can tell it's all or nothing per SSID.
Has anyone ever heard of this and if so do you know how it is accomplished.
Thanks
ChuckI've seen people ask for something like this for like an XBOX in a dorm (appearently XBOX doesn't have a browser?).....
Bottom line though is that on the WLC, all wireless clients on a WebAuth/WebPassthrough SSID must pass layer3 authentication. There is no way around this on this SSID. You'd have to create a different SSID as Scott suggested, which I'd probably suggest doing some kind of PSK on it, so only a few priveledged devices can associate.... you could even through in mac-filtering if you really wanted to complicate it....
Now, I understand that switches may have such a feature called mac-bypass, but it isn't on the WLC. -
Logical Port for Digest Authentication
Hello,
I want to connect to a webservice which is running at an IIS with Digest Authentication. I created a Consumer Proxy and added a Logical Port in SAO Management (Java-Stack) to this Consumer Proxy, but I can't find a digest authetification in Configuration of the Logical Port. Is it possible to connect from a SAP System to a webservice with Digest Authentification?
Thanks and best regards
IrisHello Gourav,
Thank you for your answer.
I tried to create a Logical Port with HTTP Access to the WSDL, but the WSDl needs digest authetication as well. So I get the error
Error: Error in WSDL access: Exception occurred in communication framework:Error in HTTP Framework:401Unauthorizedhttps://itnts2371/SecurityWebService.asmx?WSDL
though I logged in with right credentials.
Then I tried to read the WSDl from a file then, but I get the error
Error: Error in WSDL parsing: Exception occurred in library handler
So I created a manual Logical Port for SSL-Access. I get only "User ID/Password" and "SAP Authenticatoin Assertion Ticket", but no "Digest Authentication". "User ID/Password" doesn't work, I get a dialog to put in User ID and password, but I'm never authorized.
Any other suggestions?
Thanks
With best regards
Iris -
Dynamic Logical Port for Web Service Client
Hi *!
We want to use the same Web Service Client code with different Web Service instances running on different systems. So I need to configure the logical port (especially the URL of the endpoint) dynamically at runtime.
Please give me a hint, how this is done.
(we are using WebAS 6.40 SP7)...
Thanks in advance,
FrankHi Frank,
I hope you were able to solve your issue on you own in the meantime.
I was looking for the answer to this question today. This was the only thread I found on SDN. Unfortunately, it did not contain an answer yet. I was able to figure out a way to set the endpoint address dynamically after searching help.sap.com and after examining the interfaces offered by the Stub (logical port in this case) classes.
Here's an extract from my code:
// Connect to JNDI context
InitialContext ic = new InitialContext();
// Get reference to web service proxy from JNDI context
Z_MSC_GET_SCHEDULE_WSDService service =
(Z_MSC_GET_SCHEDULE_WSDService) ic.lookup("wsclients/proxies/iot-online.de/msc~srv_ejb~proxy/de.iot_online.msc.proxy.ScheduleReaderProxy");
// Get reference to logical port from web service proxy
Z_MSC_GET_SCHEDULE_WSD logicalPort = service.getLogicalPort();
// Set URL of web service Endpoint
logicalPort._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "http://<FQDN>:8010/sap/bc/srt/rfc/sap/Z_MSC_GET_SCHEDULE_WSD?sap-client=100");
This is explained on
http://help.sap.com/saphelp_nwce10/helpdata/en/45/113a1221337249e10000000a155369/frameset.htm
You can also set the credentials (username / password) with the method _setProperty.
Best regards
Christian -
Dynamic Host and Port for Web Proxy
hi,
When I create a web proxy in JDev I supply the hostname and the port for the web service. The code is then compiled and then deployed. However I want the host and port to be dynamic (kept in a varaible) so when I move my deployment from Development to Test server I just need to change a value in a database or text file. I don't want to re-compile and deploy the code when I move servers. Is there any way to do this??
Thanks
StephenHi,
not so in the WSDL file that is created. If from the client side access, then WS poxy classes allow you to do this
Frank -
Different ports for web/app servers
Is it possible to configure weblogic server to act as a webserver and app server
with different ports. like 80 for web server and 7001 for app. server?
Thanks in advance."OM" <[email protected]> wrote:
>
Is it possible to configure weblogic server to act as a webserver and
app server
with different ports. like 80 for web server and 7001 for app. server?
Thanks in advance. -
Possible to use http for web authentication?
Hi All,
We are using WLC 2500 and AP 1041 with web authentication. Due to we do not have the trusted/public certificate and want to get rid of the certificate warning during the user login. I would like to ask if this is possible to change the web authentication method from HTTPS to HTTP. Thanks.
Rgds,
JackyHi Jacky,
Yes u can... But there is a catch..
1) If ur running WLC code below 7.2.X then the only option is to disable HTTPS globally (Meaning HTTPS management access disabled only HTTP).
2) If you are running 7.2.X and above, then you can use HTTP for client webauth and then HTTPS for Management access.
The command for disabling https for web authetication would be:-
config network web-auth secureweb disable
Hope that helps
Regards
Najaf
Please rate when applicable or helpful !!! -
I would like to change default port for all web services from port 80 to port 8080 and have full access to webmail, iCal, web page, wiki
How can I do that?Hello Jay!
Take a look at this doc:
http://www.cisco.com/en/US/docs/solutions/Verticals/mstdcmsftex.html#wp609677
RPC requires source ip sticky in order to operate correctly through a loadbalancer. In the doc, they also walk through doing RPC over http/https - however, I have seen configurations where ACE is not L5-L7 that use RPC on port 135 as a L4 rule with sticky and it appears to work ok.
Regards,
Chris Higgins -
Customized web page for web authentication.
Hi,
can any one share a working "customized webpage for web authenticaiton", Virtual IP address of the WLC is 5.5.5.5.
Thanks.Hi Nagesh,
Here's a great download which contains sample templates of each possible type of Web Policy on the WLC:
http://www.cisco.com/cisco/software/cart.html?imageGuId=7A2F6E79BAE4EFF389E1FA95D96936027AD30AE8
Best,
Drew -
Hey everyone,
I have a small problem: changing the port for the default site.
I know how it's done for custom sites (though I haven't yet figured out how to reach those via the browser).
For the default site however its set to 443 and i cannot change that - I also haven't found any entry in the httpd.conf that relates to the secure port.
Is there a way to switch between http and https?
Thanks a lot,
ChrisGulfstar37 wrote:
Thanks for the very prompt reply, kevj! I followed the instructions exactly. However, on the Tools dropdown menu, I clicked on Options....but there is/was no Ports listed (all the usual icons: Getting Started, Checking Mail, Incoming Mail, Sending Mail, Composing Mail, Internet Dialup, etc. BUT no incon for Ports! I went through clicking on every icon, checking thoroughly every possibility...buttons, etc...and can find nowhere anything where a Port is shown, or anything where it might be changed. I don't know how long it will be before Comcast closes Port 25, and really desperate about this.
OK...I just downloaded and installed Eudora so I could figure this out...and it turns out to be rather easy...
To set up encryption for RECEIVED mail (not required by Comcast, but recommended):
Under Tools...Options, look at the 'Checking Mail' item. Set up the 'Secure Sockets when Receiving' option like this:
Once you receive mail using this setting, if you come back to this option screen and click on 'Last SSL Info' it will show that you connected over port 995.
To set up encryption for SENDING mail (this is required by Comcast):
Under Tools...Options, look at the 'Sending Mail' item. Set up the 'Secure Sockets when Sendin' option like this:
Again, once you set this up and send an email successfully, if you come back to this option screen and click on 'Last SSL Info' it will show that you connected over port 465.
Let us know if this works...it did for me... -
BM access rule and port for Web Manager
The Netware Webacess and the Netware Web Manager is working fine
internally. What are the ports to open and the rules to create on the
Border Manager so it can be access froum outside. How to configure the BM
OmarIn article <MLMqe.411$[email protected]>, wrote:
> The Netware Webacess and the Netware Web Manager is working fine
> internally. What are the ports to open and the rules to create on the
> Border Manager so it can be access froum outside. How to configure the BM
>
WebAccess just (normally) wants port 80. You can static NAT it, or reverse
proxy it through BMgr. Older versions of BMgr (3.6 or earlier) put in
default filter exceptions for reverse proxy (both port 80 and 443), but
later versions require you to add your own filter exceptions.
NetWare Web Manager - do you mean for Novonyz Web Server? If so, the port
used depends on what you configured for it. You could use static NAT, or
generic tcp proxy, or (I think) reverse proxy for whatever port Web Manager
is using. Newer web manager for Apache uses port 2200, I think.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com *** -
Necessary ports for Web Conferencing in Oracle Collaboration Suite
Hi everybody!
What ports are necessary for opening to ensure the functioning with Web Conferencing in Oracle Collaboration Suite 10g (on a computer of the client and a server)
Thanks a lot for your helps.Hi,
If it's all configured properly on the server, you'll only need whatever port is configured for SSL on the middletier webserver (standard is 443) for actually running the conference - the web application used for scheduling etc. might use a different port but would usually be the same in a well configured environment.
regards,
Richard -
WLC Virtual Interface config for a public SSL cert for Web Authentication
I'm trying to get a cert loaded on my 5508 WLC running 7.6.130.0 so when a Web-Auth users tries to authenticate they don't get the SSL cert error.
In the document "Generate CSR for Third−Party Certificates and
Download Chained Certificates to the WLC"
Document ID: 109597 it states the following
"Note: It is important that you provide the correct Common Name. Ensure that the host name that is
used to create the certificate (Common Name) matches the Domain Name System (DNS) host name
entry for the virtual interface IP on the WLC and that the name exists in the DNS as well. Also, after
you make the change to the VIP interface, you must reboot the system in order for this change to take
effect.
Here are my questions.
1. I have always had 1.1.1.1 as the address of the Virtual interface, should that change or can I leave it as 1.1.1.1?
2. In the "DNS Host Name" Field do I simply put the domain or the FQDN? Example. Company.com or hostname.company.comHi,
1) You can change that if you want. Normally it is non-Public and non-routable in your network.
2) Put the Host name for which you are going to give in your company DNS server where that Host name would be mapped to the Virtual ip address.
Regards
Dhiresh
** Please rate helpful posts** -
WLC 2106 CSR Request For Web Authentication
Greetings, ive been following the guide below in order to replace the web auth certficate for guest users on our WLC2106.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
Does anyone know of a method of using Windows 2003 CA Services to sign the CSR, i have tried but i can't get a PEM out of it, just X509 and P7B Certs, i do realise that Guest Users not native to our network will still be presented with an invalid certificate option but would like to try the configuration before paying to have the certificate properly signed.
RegardsThis document assumes that the CA server configuration on the Microsoft Windows 2003 server is in place. This document covers the configuration required on the Wireless LAN controller in order to enable this feature.
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080a99e23.shtml#Cert-WLC
Maybe you are looking for
-
Memory use imac 8.1 core 2 duo 32 bit.
Hello I have an imac 8.1 at work that is currently on 10.6.7 with 4gb of ram. (First time actually work working with macs) I need to use Vmware fushion to run a program for a co worker. (win 7) However as this mac is older it's bogging it down. I hav
-
what is the best app for backing up my mac. I do publication work and need to save my work?
-
Update User Defined Field using DBDataSource
Hi All, I'm trying to update the user defined field using the DBDataSource object. However an error occurred - "Item is not a User-Defined Field". The code used is as follows: Dim oDS as SAPbouiCOM.DBDataSource Dim oForm as SAPbouiCOM.Form Set oForm
-
I have deleted all its posts etc.
-
Edit photo in SLIDESHOW HELP?
I was wondering if there was a way to edit your photo in a slideshow without having the changes be saved in my library?? I tried making a duplicate but I dont want 2 pics of everything from a slideshow in my library..... So basically I would like to