WLC Customized Web Auth
can i have a customized web auth portal loaded into the WLC? or i need to have an external server and load the customized web auth.
Here is a link
http://www.cisco.com/cisco/software/release.html?mdfid=282600534&flowid=7012&softwareid=282791507&release=1.0.2&relind=AVAILABLE&rellifecycle=&reltype=latest
Similar Messages
-
WLC Custom Web Auth Bundle sample .tar file is not on WCS
The WLC documentation would make it appear (or maybe previously) you should download a sample web auth bundle code from the WCS Templates. I was never able to find a sample .tar file on the WCS 7.0.172.0 templates.
However I found on Cisco.com under Support > Downloads > Products >Wireless> Wireless LAN Controller Standalone Controllers> Cisco 5500 Series Wireless Controllers > Cisco 5508 Wireless Controller > Wireless Lan Controller Web Authentication Bundle-1.0.2 > webauth_bundle-1.0.2.zip
It was updated in June 2011, some pretty good sample html code.
The readme.html in the sample webauth_bundle-1.0.2.zip file has been very helpful , almost as good as the suppport community web page on custom web auth.
https://supportforums.cisco.com/docs/DOC-13954WCS config guide 7.0.172 is correct
http://www.cisco.com/en/US/docs/wireless/wcs/7.0MR1/configuration/guide/temp.html#wp1129979
The bundle in WCS is downloaded through :
configure->controller
"select a command"-> download customized webauth bundle.
Just tested it and it was there.
The one on cisco.com is better though -
WLC 4404 5.1.151.0 - custom web-auth bundle
Ultimately the user needs to see a custom "splash page" without having to authenticate. I have successfully installed a custom web-auth bundle that appears when the WLAN Web Policy is enabled, but without any authentication, there is no access to the outside.
Is what I'm trying to accomplish possible in some other way?You will not be able to do this unless you use some 3rd party hotspot utility. The main reason you should have an accept button is to be able to display a terms and conditions for users to read if they wish. This will protect you from an legal troubles. You can try to write a script on the html page (you can keep the page blank and hide everything) that will activate the accept button, that way you can redirect them to your web page.
Try to add this to your html page:
setTimeout("submitAction()",20);
Hope this helps... just make sure you keep you html page blank.... by setting the background and text to white or any color of your choice. -
WLC 5508 Web Auth Splash Page: Is it possible to place a download?
Hi,
I know it is possible to create custom web auth splash pages on the WLC 5508. Is it also possible to embedd a small document (less than 1MB) that users can download directly from the controller? I need this for providing the terms of use for the Guest WLAN.
Thanks
MichaelIt could be done, but you will want to stay within the limits of the WebAuth bundle size (~ <10MB I believe). This shouldn't be a problem considering a .doc size, but I have to ask the same question. Why would you want to do this as opposed to just putting your terms of use inline to the page as just text/html? Maybe there is a good reason, but I can't really think of any scenario. Feel free to elaborate.
-
Hi
I am trying to upload a customized web-auth bundle to a WLC 5508 and having some issues.
I have downloaded the web-auth bundle from Cisco and used this as a template to create the web pages.
I seem to recall that there is only a couple of Windows tools that you can use to TAR the file such as TUGZIP and IZARC. Anyway I have tried both and I still cannot get the file to extract. I have tried to strip the file out so that I only send up the login.html page and even this does not work.
I am using a software release 7.0.220.0
The error message I receive when I do a TFTP is
Error extracting webauth files.
Any help would be appreciated
Thanks
GregHi Greg:
I hope you find the answer here:
You can compress the page and image files used for displaying a web authentication login page into a.tar file for download to a controller. These files are known as the webauth bundle. The maximum allowed size of the files in their uncompressed state is 1 MB. When the .tar file is downloaded from a local TFTP server, it enters the controller's file system as an untarred file.
Note If you load a webauth bundle with a .tar compression application that is not GNU compliant, the controller cannot extract the files in the bundle and the following error messages appear: "Extracting error" and "TFTP transfer failed." Therefore, we recommend that you use an application that complies with GNU standards, such as PicoZip, to compress the .tar file for the webauth bundle.
Reference: http://tiny.cc/rbqbfw
So double check the size and tarring utility.
Try to use WinRar or 7Zip if the tarring format is the issue.
HTH
Amjad -
Having trouble with custom web auth page on 4404
Hi all
I am having trouble with a custom web auth page on my controller, we have edited the original file, but when we click login it goes to page cannot be displayed and it doesnt redirect to the page I want, however when I close the window and reopen it has already authenticated me.
Has anyone got a copy of some working html code I can use ?
cheersThere is sample Web Authentication bundle avaiable for download from cisco.com. if you go to the software download page and go to Wireless->Standalone Controllers->4404 you should see a link for Wireless Lan Web Authentication Bundle.
Its the same bundle whether you have a WiSM, 4404 or 2100 -
WLC 4402 web auth Internal login page
Hi,
We recently upgraded our code on our wlc and now our internal web auth page has a nice teal colored L shaped bar in the right upper part of the screen.
Is there a way to edit the internal web auth page other than just uploaded a new bundle to the box?
When I view the source of the preview page I can see the exact coding that is causing the issue.
Thanks for any ideas.
Code 4.1.185.0
CraigThe only way is to customized the code and then upload it to the wlc as a tar file. Of course, you will have to set the wlc to custom webauth and not internal webauth.
-
WLC 5508 Web Auth and EAP / PEAP
Morning all, I'm looking for some clarification.
Current setup:
I work in a school, a few years age I installed a 4400 WLC and several APs as a proof of concept exercise to see whether wireless technology would be of benefit to teaching and learning. It was deemed to be so.
This summer I installed 2 x 5508 WLCs and increased AP coverage to 50 - copied over the configs from the old controller - all works fine.
Currently only the staff can access the WLANs with the exception of a public WLAN in the canteen area.
Because there are a limited number of devices, WPA2 in conjunction with MAC filtering was used. However the school wants to open the wireless network to all of the students - potentially this means up to 1000 devices that will no doubt change on a regular basis so MAC filtering is out.
In line with child protection policies I need an 'auditable' trail when students access wireless resources.
Planned setup:
I have setup a test WLAN that uses Web Auth - the WLC is configured to pass authentication requests ( through an ASA ) onto a RADIUS server which is tied into AD. I have a CA setup as well as a NAP server.
There is no layer 2 security set on the test WLAN and layer 3 is just web authentication. From any mobile device I can authenticate against AD and gain access to the Internet.
Clarification:
With no layer 2 security the WLAN is exposed so I need to introduce some form of end to end encryption - so I am looking at deploying EAP / PEAP.
Would the introduction of EAP / PEAP keep the network as secure as if I was using WPA2 ?
Many thanks.If you are web authentication you cannot use dot1x as L2 security , so EAP is not an option.
But you can use preshared security , like WPA2 AES with web auth to insure that the traffic is encrypted.
or you can define a wlan profile with dot1x security on l2 and nothing on l3 , by doing so you would definetely hit the utmost security poossible.
Check the following link which contain couple of EAP config examples:
http://www.cisco.com/en/US/partner/tech/tk722/tk809/tech_configuration_examples_list.html
Please make sure to rate correct answers -
I've seen it menitoned in a few places that there are sample web auth splash pages located on the WLC that can be uploaded and modified. I've also hear that there are some sample pages on Cisco's website, but I am unable to find them in either location. How do I access these sample pages?
Jason,
The sample web-auth bundle is located in the same location as the download for the controller code.
http://www.cisco.com/cisco/software/type.html?mdfid=282600534&flowid=7012
there is a link there for the Webauth bundle
HTH,
Steve
Please remember to rate helpful posts or to mark the question as answered so that it can be found later. -
Custom Web Auth - Missing "Submit" Button
I have scoured every topic I can get my hands on here at NetPro regarding custom web authentication. I am currently supporting a customer that MUST use a custom web page for two reasons:
1. Cosmetically, and rightfully so, they would like to use their own logo. Well, why not just upload the custom image, you say? See point 2...
2. Their custom AUP is beyond the allowed 2047 characters in the default template.
So I used the default internal template for a test login, and viewed the source to grab the HTML code. I know how to read HTML, so I began commenting out the sidebar, text, and headers that I didn't want. I then inserted the custom logo and AUP text. Visually, the page is fine. However, when I preview the page, the "Submit" button is completely missing. This is true both locally, as well as when it is uploaded to the controller. I also uploaded from the controller the 'loginscript.js' file by selecting file type 'configuration' and inputting the name 'loginscript.js'. I am including that information as well because I know other people have posted asking how to get that, and I haven't seen anyone respond with such instructions. I figured it out on my own after trial and error. If it can be obtained via WCS, it would be nice if someone would post that (other than the same method I used, simply using WCS as the management tool instead of direct controller access). My controller is running code 4.1.185.0, same as my customer's controller. I modified the reference for the javascript source from src="./loginscript.js" to simply src="loginscript.js" because I am putting the script and the login.html file in the same directory. If there is a different directory structure required, I haven't found any documentation saying so other than another NetPro post indicating "Web Authentication_files" folder (whatever that means)? I also noticed that some folks are saying that such a page would have to be run on an External server. If so, why?
Regards,
ScottWeb authentication files are stored in Web Authentication_files directory which controllers can recognize. . If you want to use a different directory it is used on External Web server so that there is no conflct in the storage location.
-
PALM with WLC 4400 (Web Auth Portal)
We cannot get the Web Portal splash page to display on wireless Palm units....the site simply hangs. Is there any fixes out there for this problem. Thanks for all replies!!
Has anyone else seen this Palm/WebAuth issue or found a fix? I am seeing this on our Palm devices too. Running 4.x code with internal guest auth, laptops work just fine with the https://1.1.1.1 redirect, but the Palm just hangs. Could it be the certificate is not valid and the Palm has no way to prompt for that message like a laptop. Any ideas?
-
Client Excluded ReasonCode on WLC for Web Auth
Hi.
I wonder if you can point me at a table that defines the Reason Code(s) for Client Exclusion Failure? See the example event log entry below from a Guest Controller for Web Authentication failure (that was resolved - Internet router down) but I was wondering if the Reason Codes would be useful in troubleshooting. Many thanks in advance.
Tue Aug 28 10:45:31 2007 Client Excluded: MACAddress:00:16:6f:b3:20:0a Base Radio MAC :00:00:00:00:00:00 Slot: 0 Reason:Web Authentication failed 3 times. ReasonCode: 4I haven't tried it recently. But I'm afraid of this one :
CSCsy88149 Chained certificate can not have Wildcard * character in hostname
Even if bought at verisign or any root CA, your cert has a good chance of being chained since they very often use an intermediate CA. I know wildcard certs are supported but this bug seems to say that it doesn't work for chained.
again, I didn't verify it mysefl -
Hello,
I am experiencing an issue with my model 4404 Wireless controllers that has plagued me for some time now. I have two controllers with 106 AP's split evenly between the two controllers. One of my SSID's is setup with web authentication. I have one Radius server (Cisco ACS v 4.1). The problem only exists for the SSID that uses web authentication. Reports begin to come in that students cannot login to the wireless using the student SSID that uses web authentication. The student can get to the web authentication page, but when they put in their username and password both fields go blank. You can do this over and over with no errors, and the logs in the controller show nothing to indicate any issues (you don't even see the attempted login). I obtain one of the student logins for testing and here is what I have found. I attempt to login to the student wireless with this account and recieve the same results as the student. I have an AP in my office that I use for testing so I force it on to the other controller. At that point the account in question works. I can login without any issues. I force the AP back to the initial controller and experience the same issue, I cannot login. No error of bad username and password, just login fields that go blank. More reports come in that students cannot login and I find that all issues are related to this controller. The next morning I reboot the controller and everything works for a week or more and then it all starts over again. The next time it may be the other controller that is experienceing this issue. A reboot of the controller always fixes the issue for the short term. The issue appears to be controller related but I cannot pin it down. I recently upgraded my controller code from 4.2.61.0 to 6.0.188.0 at Cisco's recommendation. Unfortunately the issue still exists. Scouring the forums produces a few other people encountering the same issue but none seem to have found a fix. Does anyone know if this is a known issue with this model controller?
Thanks much for any help.Thank you for your response Dennis, it is greatly appreciated. I do not find any mount errors in the crash log. However I did finally find something in the message logs that I was unable to find before. I did not copy this message so it is not verbatim. The error message states that the user cannot be logged in possibly due to being logged in somewhere else. At that point I pour over every client on the controller even filtering by mac address. I see no evidence of the client being associated or authenticated. On a side note I can see the client as associated if the wireless card is enabled. Checking the ACS does not show a failed authentication. Again, rebooting the controller seems to clear some sort of radius accounting on the controller that I am unable to clear manually without a reboot. Thanks again for your response.
-
Unable to preview cust web auth from controller
Hi,
The custom web-auth is not able to test preview from controller, but it is able to display fine from the actual Guest SSID where guest are connecting from.
Version 4.1 able to test preview but not on the later newer releases.
Any idea
Thank youJust tested with 5.2, it is working fine.
Anyway, TQ -
Does anyone have a good resource to create custom web auth pages? I've modified the bundles from Cisco's website, but I am a terrible web designer. Just curious if anyone knows of a program to make these modifications easy for someone who doesn't have this skill set.
I use Microsoft Expressions, but I don't know if you call that drag and drop, You have a split window so you can see the code along with the browser. This way you can actually type on the browser preview and it will generate the code and vice versa. Here are some others, but might not be free:
http://www.ultraedit.com/support/tutorials_power_tips/ultraedit/integrated_html_preview.html
http://www.coffeecup.com/html-editor/
http://liveditor.com/index.php
Thanks,
Scott
*****Help out other by using the rating system and marking answered questions as "Answered"*****
Maybe you are looking for
-
Creation of Oracle managed objects - CF's and Destinations
Hi, Is there a way to create Oracle CF's and Destinations apart from AQJmsFactory. What I am looking for is creating these objects through reflection which most of the JMS providers support. This allows using the Generic JMS RA in javabean mode to ea
-
CS4 crashing (again and again)
I know we are not running snow leopard. We have tried reinstalling, messing with config files, messing with fonts (but not wiping from a clean slate but instead using a copy from a computer that is not having issues). I would love some help The error
-
Web pages don't display properly and I can't read the text on the web pages
so annoying i use chrome. try to use safari 2-3 times a year and it makes me want to throw my computer across the room.
-
Please let me know LDAP Configuration in Oracle Weblogic Server 10.3.2
Hi, Please let me know LDAP Configuration in Oracle Weblogic Server 10.3.2.Please give me the steps to configure the LDAP in weblogic 10.3.2.
-
How do I fix flash video stream stutter?
I have a ZBOX-ID84-PLUS-U HTPC with Integrated Intel Atom D2550 1.86 GHz Dual-Core and onboard NVIDIA GeForce GT 520M (512 MB), running windows 7 x64. I have been fighting with this thing for weeks, but cannot get flash video to stream from sites lik