WLC 5508 Web Auth Splash Page: Is it possible to place a download?

Similar Messages

• Custom Web Auth Splash Pages

  I've seen it menitoned in a few places that there are sample web auth splash pages located on the WLC that can be uploaded and modified. I've also hear that there are some sample pages on Cisco's website, but I am unable to find them in either location. How do I access these sample pages? 

  Jason,
       The sample web-auth bundle is located in the same location as the download for the controller code.
  http://www.cisco.com/cisco/software/type.html?mdfid=282600534&flowid=7012
  there is a link there for the Webauth bundle
  HTH,
  Steve
  Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

• Cisco ISE web auth Splash page

  Was wondering if the splash page offered by Cisco ISE can be customized, or if it's necessary to redirect to an External server?
  Currently using a downloaded web auth pass-through splash page setup for guest access on a 5508 WLC, but have been asked to move this feature off the WLC and onto the ISE and then customize the page with company logo's and a couple graphics.
  Is this possible?
  Thanks in advance...

  Yes, but you will definitely need ISE 1.3. When creating the guest portal in ISE you would select the "Hotspot Guest Portal" option. This allows guest users to just agree to an AUP (Acceptable Use Policy) and then get Wi-Fi access.
  And yes, you can also perform posture assessment:
  http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-software/118741-configure-ise-00.html#anc9
  Thank you for rating helpful posts!

• WLC 5508 Web Auth and EAP / PEAP

     Morning all, I'm looking for some clarification.
  Current setup:
  I work in a school, a few years age I installed a 4400 WLC and several APs as a proof of concept exercise to see whether wireless technology would be of benefit to teaching and learning. It was deemed to be so.
  This summer I installed 2 x 5508 WLCs and increased AP coverage to 50 - copied over the configs from the old controller - all works fine.
  Currently only the staff can access the WLANs with the exception of a public WLAN in the canteen area.
  Because there are a limited number of devices, WPA2 in conjunction with MAC filtering was used. However the school wants to open the wireless network to all of the students - potentially this means up to 1000 devices that will no doubt change on a regular basis so MAC filtering is out.
  In line with child protection policies I need an 'auditable' trail when students access wireless resources.
  Planned setup:
  I have setup a test WLAN that uses Web Auth - the WLC is configured to pass authentication requests  ( through an ASA ) onto a RADIUS server which is tied into AD. I have a CA setup as well as a NAP server.
  There is no layer 2 security set on the test WLAN and layer 3 is just web authentication. From any mobile device I can authenticate against AD and gain access to the Internet.
  Clarification:
  With no layer 2 security the WLAN is exposed so I need to introduce some form of end to end encryption - so I am looking at deploying EAP / PEAP.
  Would the introduction of EAP / PEAP keep the network as secure as if I was using WPA2 ?
  Many thanks.

  If you are web authentication you cannot use dot1x as L2 security , so EAP is not an option.
  But you can use preshared security , like WPA2 AES with web auth to insure that the traffic is encrypted.
  or you can define a wlan profile with dot1x security on l2 and nothing on l3 , by doing so you would definetely hit the utmost security poossible.
  Check the following link which contain couple of EAP config examples:
  http://www.cisco.com/en/US/partner/tech/tk722/tk809/tech_configuration_examples_list.html
  Please make sure to rate correct answers

• WEB-AUTH Splash Page

  Hi All,
  I've got a very basic web authentication page working but need to include a CHECK BOX to verify a user has read the T&C's. Got the checkbox to display but need the script code to disable (when not checked) either username/password input or the submit button. Any of you bright guy's managed to do this or anything similar.
  Web splash attached.
  Thank for any replies,
  Jay  

  Guy's sorted it
  if(!document.getElementById('agree').checked){
       alert('Please agree to the terms and conditions.');
       return false;
     }else{
     var link = document.location.href;
        var searchString = "redirect=";
        var equalIndex = link.indexOf(searchString);
        var redirectUrl = ""; if(!document.getElementById('agree').checked){
       alert('Please agree to the terms and conditions.');
       return false;
     }else{
     var link = document.location.href;
        var searchString = "redirect=";
        var equalIndex = link.indexOf(searchString);
        var redirectUrl = "";
  Thanks anyway!

• PALM with WLC 4400 (Web Auth Portal)

  We cannot get the Web Portal splash page to display on wireless Palm units....the site simply hangs. Is there any fixes out there for this problem. Thanks for all replies!!

  Has anyone else seen this Palm/WebAuth issue or found a fix? I am seeing this on our Palm devices too. Running 4.x code with internal guest auth, laptops work just fine with the https://1.1.1.1 redirect, but the Palm just hangs. Could it be the certificate is not valid and the Palm has no way to prompt for that message like a laptop. Any ideas?

• WLC 4402 web auth Internal login page

  Hi,
  We recently upgraded our code on our wlc and now our internal web auth page has a nice teal colored L shaped bar in the right upper part of the screen.
  Is there a way to edit the internal web auth page other than just uploaded a new bundle to the box?
  When I view the source of the preview page I can see the exact coding that is causing the issue.
  Thanks for any ideas.
  Code 4.1.185.0
  Craig

  The only way is to customized the code and then upload it to the wlc as a tar file. Of course, you will have to set the wlc to custom webauth and not internal webauth.

• WLC Custom Web Auth Bundle sample .tar file is not on WCS

  The WLC documentation would make it appear (or maybe previously) you should download a sample web auth bundle code from the WCS Templates. I was never able to find a sample .tar file on the WCS 7.0.172.0 templates.
  However I found on Cisco.com under Support > Downloads > Products >Wireless> Wireless LAN Controller Standalone Controllers> Cisco 5500 Series Wireless Controllers > Cisco 5508 Wireless Controller > Wireless Lan Controller Web Authentication Bundle-1.0.2  > webauth_bundle-1.0.2.zip
  It was updated in June 2011, some pretty good sample html code.
  The readme.html in the sample webauth_bundle-1.0.2.zip file has been very helpful , almost as good as the suppport community web page on custom web auth.
  https://supportforums.cisco.com/docs/DOC-13954

  WCS config guide 7.0.172 is correct
  http://www.cisco.com/en/US/docs/wireless/wcs/7.0MR1/configuration/guide/temp.html#wp1129979
  The bundle in WCS is downloaded through :
  configure->controller
  "select a command"-> download customized webauth bundle.
  Just tested it and it was there.
  The one on cisco.com is better though

• Web-Auth Admin Page not loading

  I have a WLC 2504 Controller which is set up for guest wireless using the Web-Auth feature / Lobby Ambassador.
  When I web browse to the Controller and enter my credentials no page is displayed.
  The log file displays the following error:
  #CLI-3-LOGIN_FAILED: cliutil.c:632 Login failed. User:lobby-admin, Service type:11. unknown service type.
  However when I run a debug aaa events I see the following event that the user passed authentication.
  *emWeb: Mar 17 18:54:53.120: Authentication succeeded for lobby-admin
  The wireless controller version 7.6.130.0
  There is genuinely nothing fancy about the set up and done these loads of times.
  I have tried this with Google Chrome, IE and Firefox using both HTTPS and HTTP and it's still exactly the same problem.
  Regards
  Greg

  Which authentication protocol do you want use and does the request from the WLC hit the correct policy on the authentication server?
  If you want to use radius as the authentication protocol you need to return the radius "Service-Type" attribute with value "Callback Administrative" for a lobby admin user. If you go with tacacs you need to use role based authentication. For example "role1=ALL" gives the user access to all the tabs in the GUI.

• Cannot connect to web auth login page

  Controller is vWLC 7.4, AP is 2600. Browser gets successfully redirected to 1.1.1.1, so DNS appears to work. However 1.1.1.1 does not respond. Wireshark in the client shows SYN frames but no response. I tried various debugs but nothing is shown on the WLC when the client attempts to reach the login page. 1.1.1.1 is not used in the local network and ends up at the default route. WLAN operates in central mode.
  The browser works when web auth is disabled, but when enabled in either "authentication" or "passthrough" mode any attempts gets redirected to 1.1.1.1 and times out at that point. Telnet to 1.1.1.1:443 failed also.
  Same on two different clients using different OS versions.

  I've tested it in two very different production VLANs having different DHCP servers. Any client connected to those VLANs, whether by Wifi or Ethernet, gets an IP address and can work normally. The Wifi client also works fine when L3 web policy is disabled. A client connected via AP successfully gets an IP address in any case. DNS resolution has been verified and the redirection to 1.1.1.1 also works. It's just the connection to 1.1.1.1 which fails, everything else up to this point appears to work.
  BTW: Is there a way to test the availability of the authentication web server on the WLC, locally? I can ping 1.1.1.1 successfully, but this only verifies the interface, not the web server. Normally I'd try a telnet to 1.1.1.1:443, but did not find anything similar on the WLC.

• WLC Customized Web Auth

  can i have a customized web auth portal loaded into the WLC? or i need to have an external server and load the customized web auth.                  

  Here is a link
  http://www.cisco.com/cisco/software/release.html?mdfid=282600534&flowid=7012&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest

• WLC 4400 web auth issues

  Hello,
  I am experiencing an issue with my model 4404 Wireless controllers that has plagued me for some time now. I have two controllers with 106 AP's split evenly between the two controllers. One of my SSID's is setup with web authentication.  I have one Radius server (Cisco ACS v 4.1). The problem only exists for the SSID that uses web authentication. Reports begin to come in that students cannot login to the wireless using the student SSID that uses web authentication. The student can get to the web authentication page, but when they put in their username and password both fields go blank. You can do this over and over with no errors, and the logs in the controller show nothing to indicate any issues (you don't even see the attempted login). I obtain one of the student logins for testing and here is what I have found. I attempt to login to the student wireless with this account and recieve the same results as the student. I have an AP in my office that I use for testing so I force it on to the other controller. At that point the account in question works. I can login without any issues. I force the AP back to the initial controller and experience the same issue, I cannot login. No error of bad username and password, just login fields that go blank. More reports come in that students cannot login and I find that all issues are related to this controller. The next morning I reboot the controller and everything works for a week or more and then it all starts over again. The next time it may be the other controller that is experienceing this issue. A reboot of the controller always fixes the issue for the short term. The issue appears to be controller related but I cannot pin it down.  I recently upgraded my controller code from 4.2.61.0 to 6.0.188.0 at Cisco's recommendation. Unfortunately the issue still exists. Scouring the forums produces a few other people encountering the same issue but none seem to have found a fix. Does anyone know if this is a known issue with this model controller?
  Thanks much for any help.

  Thank you for your response Dennis, it is greatly appreciated. I do not find any mount errors in the crash log. However I did finally find something in the message logs that I was unable to find before. I did not copy this message so it is not verbatim. The error message states that the user cannot be logged in possibly due to being logged in somewhere else. At that point I pour over every client on the controller even filtering by mac address. I see no evidence of the client being associated or authenticated. On a side note I can see the client as associated if the wireless card is enabled. Checking the ACS does not show a failed authentication. Again, rebooting the controller seems to clear some sort of radius accounting on the controller that I am unable to clear manually without a reboot. Thanks again for your response.

• Client Excluded ReasonCode on WLC for Web Auth

  Hi.
  I wonder if you can point me at a table that defines the Reason Code(s) for Client Exclusion Failure? See the example event log entry below from a Guest Controller for Web Authentication failure (that was resolved - Internet router down) but I was wondering if the Reason Codes would be useful in troubleshooting. Many thanks in advance.
  Tue Aug 28 10:45:31 2007 Client Excluded: MACAddress:00:16:6f:b3:20:0a Base Radio MAC :00:00:00:00:00:00 Slot: 0 Reason:Web Authentication failed 3 times. ReasonCode: 4

  I haven't tried it recently. But I'm afraid of this one :
  CSCsy88149 Chained certificate can not have Wildcard * character in hostname
  Even if bought at verisign or any root CA, your cert has a good chance of being chained since they very often use an intermediate CA. I know wildcard certs are supported but this bug seems to say that it doesn't work for chained.
  again, I didn't verify it mysefl

• WLC 5508 web passthrough without https

  Is there a way to not require https and a certificate for web passthrough this way when clients are redirected they do not get the certificate error?

  YOu need to use caution with this as has been said if you disable HTTPS it is global
  and your management sessions will only be via telnet  and guest logins will then be in the clear which may not fit with your security policy

• WLC 4402 Web Authentication, Mac Filtering and Layer 2 Seciruty

  Hi All,
  I have configured web authentication and Mac filtering on WLC 4402 for my wireless network and its working fine. I wants to configure layer 2 security for the same Wireless network without pre shared key. Could you please advice how to configure layer 2 security with web authentication withour preshare key.
  Is there any security issue with web authentication and Mac FIltering only? My concern in my wireless network shows open.
  Thanks,
  Kashif

  Hi,
  if you have a ACS, then you can do Web auth Splash page!!! Please refer to the below doc!!
  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080956185.shtml
  Lemme know if this answered ur question!!
  Regards
  Surendra