Splash page, WLC 4400 w/o ACS

I am administrating a wireless network consisting of 11 APs, ASA 5510, WLC 4402 and Router 1760.
The network is sharing an internet connection to all guests without charge so I have no need for authorisation of guests.
I would like to implement a splash page that would be shown to all clients when they first connect. The splash page is suppoused have only the basic information about the provided service and no logon.
Is there a way to do this without purchasing an ACS?
Thank you for your help.

Hello!
Yes, if you don't need for authentication (which would require to define the users locally on the WLC or using an external RADIUS server.. as ACS), you can enable Web Auth Passthrough on the WLC directly.
Check this config example:
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00809bdb5f.shtml
In any case, this thread should better go to the Wireless community if ACS is not involved.
I hope this helps!
Regards,
Federico
If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.

Similar Messages

  • WLC and Splash Page

    Hello all,
    I have a 3502 ap connected to a 2100 WLC, I want to create and SSID with wpa/wpa2 with psk authentication. Cisco duomentation shows that it is not possible as it fllas back to 802.1x auth.
    is there a way to create an ssid with psk and a splash page that shows company service agreement with only a button that shows I accept these terms?
    Thank you all

    Hi,
    If i understand correctly: you want to have a WLAN with WPA/WPA2 -PSK and webauth page with term and condition and you want that user just click on agree button and get connection.
    Yes you can create a SSID with WPA/WPA2-psk.
    Check this Wireless LAN Controller Layer 2 – Layer 3 Security Compatibility Matrix
    http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106082-wlc-compatibility-matrix.html
    Regards
    Dont forget to rate helpful posts

  • Guest Splash Page with Cisco WLCs Help

    Hi,
    I need some guidance using Web Authentication / Web Pass-through to create a mandatory splash page that is presented to users of our guest WLAN.  Currently our guest WLAN is wide open, users connect and go straight through to get Internet Access. Here's what we'd like to accomplish.
    1. Have the page hosted on an external web server (i.e not on the controller)
    2. Present Terms of service
    3.
     a. Present an optional field to enter an email address & date of birth (DOB) to opt in for marketing purposes
            OR
     b. Present a mandatory field to enter an email address with an optional check box and DOB to opt in for marketing (the idea behind option b, is that whether they opt in for marketing or not, we could still some how use the email as a username, but not require a password.  In the hopes of then using this as a unique identifier in the WLC for troubleshooting / reporting purposes)
    4. At the very end, have an "I Agree" button
    5. Re-direct to our copmany's public facing website
    Our controllers are 5508s, running 7.4.121.0.  I more or less have an idea of how to accomplish this, but I've never used Web Auth / Web Passthrough with a Cisco Controller before, so I'm hoping someone can clear up a few things for me.
    1. Am I correct that, when using an External server to host the login.html page, we must use Web Authentication, since Web Pass-through is only an option when using an Internal Page? Web Pass-through seems ideal for us, since we don't care about credentials, but from what I'm reading, it seems restricted to Internal (on the Controller) deployments only.
    Based on these
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html#passthrough
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116879-configure-wlc-00.html
    http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107474-web-pass-config.html
    2. If Web Pass-through is not an option when using an External deployment, is there any way we could use an email address as a username, but not require a password?  If not, is hiding the username/password fields in the html code of the splash page, and using a single pre-configured default username / password the only other option ? As described here: https://supportforums.cisco.com/discussion/10847046/unsecured-guest-access-customizable-splash-page-and-logo
    3. It sounds like SSL cert warnings may be an issue even if we use an External deployment, because the controller still acts as a middle man.  Is this correct, and is the best fix to install a valid 3rd party cert on the controller?
    P.S. I’m aware of the Big Brother type things that can be done with Cisco MSE and Connected Mobile Experiences, as far as guest tracking / marketing / analytics go. However, that’s way more than we’re looking to do at this point.
    Thanks in advance for any guidance you can provide!

    Hello Jonathan,
    The idea you have is fine, the only exception is the extra fields of information that you want to collect. From the WLC perspective this is not possible to gather.
    The example given on https://supportforums.cisco.com/discussion/10847046/unsecured-guest-access-customizable-splash-page-and-logo looks very interesting, and as long as the WLC receive the information it needs to authenticate the client, you can modify the HMTL code as you want. However, as somebody state on that post, Cisco provides the html example, but we do not really support the html content creation or modification.
    Anyway below on answer #2 I am giving you an idea that could work (again Im not html expert I don't know if that could be achieved that way) maybe you can have a better idea.
    To answer your queries:
    1) The customized web-passthrough page can be hosted on an external Web Server.
    When the pages are on an external webserver, the passthrough is still performed on the WLC, just the pages reside on the external server. It is a good idea to be sure that the pages come up ok on the external server without webauth involved since webauth will not work unless the external webserver works
    2) We have examples of what HTML content a customized Web Passthrough page should include. If you add extra fields on the HTML code (like email address & date of birth), the WLC won't be able to handle this data and most probably you won't be able to gather this information from the WLC , unless you customize the web page in such way that it sends the fields email address & date of birth to another server (rather than to the WLC) to gather this information, but at the end what matter for the WLC is to receive the click on the "Accept" button to authenticate the client.
    3) Regarding the certificate, there are two options, the cheapest and easiest is to disable HTTPS for web authentication. Then, your guests will open an HTTP web page, without having the certificate warning.
    Whether or not you perform local or external web authentication, you still hit the internal web server on the controller. When you redirect to an external web server, you still receive the certificate warning from the controller unless you have a valid certificate on the controller itself. If the redirect is sent to https, you receive the certificate warning from the controller and from the external web server, unless both have a valid certificate.
    In order to get rid of the certificate warnings all together, you need to have a root level certificate issued and downloaded onto your controller. The certificate is issued for a host name and you put that host name in the DNS host name box under the virtual interface on the controller. You also need to add the host name to your local DNS server and point it to the virtual IP address (1.1.1.1) of the WLC.
    This link provides information about WebAuthentication on an External Web Server, however exactly the same applies for Web Passthrough:
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html
    Also, you can download the WebAuthentication bundle, with the examples and some useful information about different customized web pages, it can be used as a template to build your page. Here you will see that Web Passthrough to an external server is indeed a valid option, when you download and unzip it, open the "readme.html"
    https://software.cisco.com/download/release.html?mdfid=282600534&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
    Hope this helps

  • WLC 5508 Web Auth Splash Page: Is it possible to place a download?

    Hi,
    I know it is possible to create custom web auth splash pages on the WLC 5508. Is it also possible to embedd a small document (less than 1MB) that users can download directly from the controller? I need this for providing the terms of use for the Guest WLAN.
    Thanks
    Michael

    It could be done, but you will want to stay within the limits of the WebAuth bundle size (~ <10MB I believe).  This shouldn't be a problem considering a .doc size, but I have to ask the same question.   Why would you want to do this as opposed to just putting your terms of use inline to the page as just text/html?  Maybe there is a good reason, but I can't really think of any scenario.  Feel free to elaborate.

  • WLC 4400 and multiple authentication servers e.g. RADIUS, ACS

    WLC 4400 and multiple authentication servers e.g. RADIUS, ACS
    Can the WCL 4400 be set up to use multiple RADIUS servers? The user accounts for accessing wireless would use a RADIUS server. The administrative accounts for the WLC would reside on an ACS server.

    Yes, that is correct. You can set acs to use both radius and tacacs.
    For this you need to add WLC twice in acs-->network configuration. But you need to keep host name different.
    eg 1) Host name WLC --->IP x.x.x.x -->Auth using -->radius
    2) Host name WLC1--->IP x.x.x.x --->Auth using -->Tacacs.
    You need to set up tacacs commands on WLC along with radius commands.
    Regards,
    ~JG
    Please rate helpful posts

  • Splash Page in WLC 2500 Series

    Can someone tell me if there is Splash Page feature in the 2500 WLC ? I cannot find any Cisco document which says it has that feature ?

    Yes, Its available. 
    Here is a link that points to a configuration guide for a wlc 2500, 7.5.
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/config_guide/b_cg75.pdf
    "The splash page web redirect feature is available only for WLANs that are configured for 802.1X or
    WPA+WPA2 Layer 2 security with 802.1x key management."

  • ISE WLC 4400 configuration

    Up until now, my experience has been with 5500 controllers and ISE.
    My customer is using 4400 controller, on 7.0.240 code.
    I cannot locate any documents referencing 4400 controller configuration for webauth, named ACLs, posturing, etc...
    Does anyone know of any documents, or have experience that can assist with this configuration?

    Michael,
    Depending on the version of ISE software you are running, you may be in luck.  The information below is for 1.1.x.  If you are using v 1.2, you may have to tweak a bit.
    In this first document, you can see the WLC 4400 is supported and Local Web Auth is supported, with the following caveat:  “Wireless (An ISE Inline Posture node is required if the WLC does not support CoA as discussed in Footnote #4. WLCs with the code specified in this table do support CoA without an ISE Inline Posture node)”
    http://www.cisco.com/en/US/docs/security/ise/1.1/compatibility/ise_sdt.html#wp55038
    Of course, with an IPN, your posturing  (and CoA) is handled here.
    DACLs are also supported on the WLC 4400.
    Per User ACLs are covered in the following document:
    http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808b041e.shtml
    I think you will find that if you substitute the ACS pages with the corresponding ISE interface pages, this can be done.
    Please feel free to ask any additional or follow-up questions.
    Also, please let me know if this fixes your issue.  If it does, please rate this answer and mark your question as Answered.
    Charles Moreton

  • Cisco 5508 Wireless Controller with Splash Page Disclaimer

    How do one configure a splash disclaimer page on a Cisco Wireless Controller 5508 with no authentication?
    Jimmy

    There are many options to you in this scenario, but if you're looking to simply provide a splash page via the WLC without interacting with any other web servers, you can configure Local Web Authentication (LWA) as seen in this configuration example.
    http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html?referring_site=RE&pos=1&page=http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html
    If you are not wanting the authentication, you can choose the "passthrough" method which will not require any credentials, only accepting an AUP or whatever you want.

  • WLC 4400 4.2.176.0 Ver and Windows Vista

    We recently upgraded our WLC 4400s to 4.2.176.0. This was requested by Cisco. When the students returned from Christmas break, any student running Vista is able to authenticate to the AP, get an appropriate IP address and DNS configuration, but cannot get to any network resources, including Internet. If we hard code the DNS information in the wireless card TCP/IP Properties, the user can get to some Internet sites, but no HTTPS pages.
    All XP and MAC machines appear to be working fine.
    Any thoughts?

    The problem is that its not deauthenticating the user, its just dropping completely and disabling the windows zero configuration in the services.  I do not know how or what in the WLC would do this?  I really dont think this is anything that I can control.  I am guessing that there is an internal conflict on the pc.  I have been told that the image used to image the machine has had the manufacturers wireless client utility removed.  I did find a DW Utility in the services list.  I think that is my problem.  I did however go ahead and upgrade them to 5.2.193.  All I can do is have the customer monitor and see what happens.  Will post an update when I get one.

  • Custom Web Auth Splash Pages

    I've seen it menitoned in a few places that there are sample web auth splash pages located on the WLC that can be uploaded and modified. I've also hear that there are some sample pages on Cisco's website, but I am unable to find them in either location. How do I access these sample pages? 

    Jason,
         The sample web-auth bundle is located in the same location as the download for the controller code.
    http://www.cisco.com/cisco/software/type.html?mdfid=282600534&flowid=7012
    there is a link there for the Webauth bundle
    HTH,
    Steve
    Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

  • Cisco ISE web auth Splash page

    Was wondering if the splash page offered by Cisco ISE can be customized, or if it's necessary to redirect to an External server?
    Currently using a downloaded web auth pass-through splash page setup for guest access on a 5508 WLC, but have been asked to move this feature off the WLC and onto the ISE and then customize the page with company logo's and a couple graphics.
    Is this possible?
    Thanks in advance...

    Yes, but you will definitely need ISE 1.3. When creating the guest portal in ISE you would select the "Hotspot Guest Portal" option. This allows guest users to just agree to an AUP (Acceptable Use Policy) and then get Wi-Fi access.
    And yes, you can also perform posture assessment:
    http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/118741-configure-ise-00.html#anc9
    Thank you for rating helpful posts!

  • Splash page with animated gif only question

    Hello all:
    I have a splash page (index.html) that is designed using an animated gif created in photoshop. The rest of my site is Css/XHTML, but has some divs containing animated gifs. I have two questions;
    1: By using only the animated gif on the splash page, am I limiting or hindering my SEO (google, microsoft, yahoo) ranking opportunities as there is no "content" on the page that the spiders/bots can see? I went ahead and included some "content" but hid it by coloring the type the same as the background color hoping that might do something, but obviously I'm a SEO newbie so any suggestions are more than welcomed. I will include the code at the end of this post, and my site is: http://reynolds-marketing.com.
    2. Is there a way to pre-load the animated gifs on my pages so that they play more smoothly and efficiently?
    TIA for any of your help. Murman
    The code for the splash page:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <title>Reynolds Marketing - The Marketing Resource Source</title>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
    <meta name="description" content="Reynolds Marketing is a marketing services company offering a full spectrum of marketing services including: consultation, creative, production and logistical marketing services headquartered in Temecula, CA." />
    <meta name="keywords" content="Reynolds, Reynolds Marketing, marketing services company, marketing services agency, full spectrum of marketing services, full service marketing agency, marketing consultant, print creative, digital printing, offset printing, website design, website development, digital marketing, digital print on demand, DPOD,Video Production, Video Production, Direct Mail, Temecula, powerpoint presentations" />
    <link rel="shortcut icon" href="http://www.reynolds-marketing.com/favicon.ico"/>
    <!-- ImageReady Styles (index3.psd) -->
    <style type="text/css">
    <!--
    #index_ {
         position:relative;
         left:0px;
         top:0px;
         width:640px;
         height:480px;
         margin-left: auto;
         margin-right: auto;
    -->
    </style>
    <!-- End ImageReady Styles -->
    </head>
    <body bgcolor="#FFFFFF" text="#FFFFFF" link="#FFFFFF" vlink="#FFFFFF" alink="#FFFFFF" id="index_" style="background-color:#FFFFFF;">
    <p>
      <!-- ImageReady Slices (index3.psd) -->
    <img src="images/index.gif" alt="" width="640" height="480" border="0" usemap="#indexMap" id="index" /></p>
    <p>Reynolds Marketing offers a full spectrum of marketing communications services including: consultation, creative, production and logistical marketing services located in Temecula, California. Our services include marketing consultation, press relations, public relations, copy writing, print creative, direct mail creative, video creative, web creative, interactive creative. Print production, direct mail, video production, web page creation and production. Digital print on demand, fulfillment services, powerpoint presentations, marketing communications, marketing communications conformance. To find out more about our services, please go to <a href="http://www.reynolds-marketing.com/who_we are.html">http://www.reynolds-marketing.com/who_we are.html</a> . </p>
    <p>Site map:<br />
      <a href="http://www.reynolds-marketing.com/index.html">http://www.reynolds-marketing.com/index.html</a><br />
      <a href="http://www.reynolds-marketing.com/who_we_are.html">http://www.reynolds-marketing.com/who_we_are.html</a><br />
      <a href="http://www.reynolds-marketing.com/contact_us.html">http://www.reynolds-marketing.com/contact_us.html</a><br />
      <a href="http://www.reynolds-marketing.com/what_we_do.html">http://www.reynolds-marketing.com/what_we_do.html</a><br />
      <a href="http://www.reynolds-marketing.com/services.html">http://www.reynolds-marketing.com/services.html</a><br />
      <a href="http://www.reynolds-marketing.com/clients.html">http://www.reynolds-marketing.com/clients.html</a><br />
      <a href="http://www.reynolds-marketing.com/projects.html">http://www.reynolds-marketing.com/projects.html</a><br />
      <a href="http://www.reynolds-marketing.com/news.html">http://www.reynolds-marketing.com/news.html</a></p>
    <p>
      <map name="indexMap" id="indexMap">
        <area shape="rect" coords="296,434,342,444" href="who_we_are.html" />
        <area shape="rect" coords="228,451,286,461" href="who_we_are.html" />
        <area shape="rect" coords="296,451,353,461" href="what_we_do.html" />
        <area shape="rect" coords="364,451,416,461" href="contact_us.html" />
      </map>
      <!-- End ImageReady Slices -->
      <script type="text/javascript">
    var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
    document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
      </script>
    </p>
    <script type="text/javascript">
    try {
    var pageTracker = _gat._getTracker("UA-8703884-1");
    pageTracker._trackPageview();
    } catch(err) {}</script>
    </body>
    </html>

    My guess is yes, but that is just my opinion.  I believe the text/background same color idea was really in vogue back in the late 90's and we all heard that it was the kiss of death for SEO that the SE's hated them so much you got de-listed, not sure if that is a fact or not.
    My bigger concern would be how many people you are losing by making them wait to get to where they want to go.  I have told many a client that in some sense, the interent is too big, you have too much competition and people have thin patience for things like splash pages.  The ooo and aaa effect of animated gifs is long dead...again, in my opinion.
    I dont know the answer to your load question...
    Gray

  • Is there a way to create an intro splash page?

    Is there a way to creat a intro splash page that people can click through to the home page? I need the actual homepage to stay as the index.html. Any solutions?

    Hi James,
    Please check this discussion and see if that helps you - html - how to force link from iframe to be opened in the parent window - Stack Overflow
    If you need more clarification on this, please share your site's url so that I can see what's happening on your site.
    - Abhishek Maurya

  • I am unable to get beyond the "sync with iTunes" splash page after connecting my iPhone; every tab is grey. What gives?

    I am unable to get beyond the "sync with iTunes" splash page after connecting my iPhone; every tab is grey. What gives?

    Is the computer the one the device normally syncs with?
    If not, sync with the computer it normally syncs with.
    If it is, place the device in DFU mode (google it) and restore.

  • How do I make a splash page?

    Well I am wanting to make a splash page  so would like  a lot of information about them so I can make a good one or good starter one and thank you in advance.

    To make sure we're on the same page, do you mean a "splash page" as in a "graphic/whizbang rich, look what I can do style, first thing the visitor sees" page?
    The best advice I can offer if that's what you mean is: Don't do it.
    The days of the "splash page" are far behind us now. If you want the best possible rankings in the search engines, don't use up your most valuable website real estate on something the search engines can't see or ignore intentionally. Don't force your visitors to have to "go through all of that again" just to get to your actual content when they come back to your site.
    Your home page should be filled with keyword rich AND relevant html text (not blocks of spammy keywords) so search engines have something to sink their teeth into. If you want to show off, make a portfolio section on your site and put all your "look what I can do" info and ideas there.

Maybe you are looking for

  • How to use Hotmail account to sign in to Samsung T...

    Before I could respond to this forum I was asked to sign in.  I was going to post something fairly snarky.  Then I was asked to create a Skype Name different than my hotmail account.  So I created one.  Hopefully this will answer MY question and that

  • Static between Apogee One and Logic 9...When track is armed but not recordi

    The static only happens when i sing into the mic or strum the guitar. It begins to happen when i have input monitoring enabled or the track armed (R). It slowly creeps up after a few minutes of NOT recording and just having the track armed. I can mak

  • No data Found for Query with hierarchy in 2004S SP10 in JAVA Stack

    Hello, I have typical issue while running the simple query in ABAP Web and JAVA Web (RSRT) with One row and one column. The char in the row is restricted with external hierarchy. If I run in ABAP web, I get the results. If I run in JAVA Web, No data

  • HT1338 when I try to Install Updates I get an error massage. Can anyone help?

    When I try to install updates I get an error message " an unexpected error has occured" This involves: Epson Printer Software update 2.11; iTunes 10.6.3; Airport Utility 5.6.1; Remote Desktop Client Update andd Java for Mac OSX 10.6 Update 9. I also

  • Scaling problem when printing

    For some strange reason, when I open any application and go to print a document, it prints at 90% scaled. Some of the documents print our landscape and others portrait. How to I reset my Mac so that when i print out a document from any application th