Need my custom webauth page displayed with HTTP instead of HTTPS

Unanswered Question
Feb 1st, 2007

I have a custom webauth page installed that I am using with web passthrough authentication on my WLC2006 in order to put up a acceptable use policy page.

The WLC uses HTTPS to display this which causes a security certificate warning to appear if I go with the WLC's own self-signed certificate. Is there a way I can get the WLC to use plain HTTP to display this page instead so I can eliminate the warning?

I have already tried installing a trusted 3rd party certificate on the WLC, but I have this very strange problem where mucking with the WLC's web authentication certificate in any manner causes all network activity on the WLC to break except for CDP and ARP, essentially leaving the WLC dead. Three weeks of troubleshooting with Cisco TAC has yielded no progress on that front so now I am trying to bypass the need for a security certificate altogether since I really don't need to encrypt my acceptable use policy page.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
cuevas Thu, 02/01/2007 - 13:55

I've run into a similar problem, and TAC couldn't assist. Pretty much they said it was a code issue.

My question to you is...how did you create your own custom webauth page? I'm trying to do that and can't seem to be able to download the webauth bundle FROM the WLC.

npritchett Thu, 02/01/2007 - 14:43

The documentation doesn't provide very clear direction, does it?

To download the WLC's default webauth page, browse to the controller's Security > Web Login Page. Make sure the web authentication type is Internal (Default). Hit the Preview button. Then use your browser's File > Save As... menu item to save the HTML into a file. Edit this to your liking and bundle it and any graphics images up into a TAR archive, then upload via the controller's COMMAND page.

cuevas Thu, 02/01/2007 - 14:46

no the documentation doesn't provide very clear directions. it just assumes you know.

I will try that. thanks alot!!

James Wilkinson Tue, 03/13/2007 - 08:28

I too am having an issue here and would be content to either have the page redirect to http or successfully take the 3rd party certificate. When I did install the cert the client PC being redirected says it is being redirected to a trusted site and then doesn't go there when you select "yes". Anyone have any progress here?

mmatulevich Thu, 03/15/2007 - 11:57

I am also interested in hearing any progress on this idea. Guests joining the network with a passthrough page with nothing more than an acceptable use policy should not have to deal with certs and security warnings. Any progress here please post!

npritchett Tue, 03/27/2007 - 09:31

Cisco TAC informed me that getting it to display in plain HTTP was not possible, so I went ahead and purchased a trusted certificate.

Perhaps we need to submit a new feature request? I really fail to see why I need to spend a couple hundred dollars to allow my guests to see an AUP page. I could be spending the money on more Cisco access points instead.

Thomas Obbekaer... Mon, 10/01/2012 - 11:37

Did you ever get this to work ?

I have just tried this with a custom page and it failed when I disabled https globally (and just enabled http) on the controller.

The funny thing is that the internal webauth with passthrough worked fine with only http ?

(Setup: WiSM - 7.0.230)

George Stefanick Mon, 10/01/2012 - 11:41

7.2 supports the need to disable HTTP on the guest page while still keeping HTTPS on the WLC for access.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

George Stefanick Mon, 10/01/2012 - 12:10

Sorry, I mean 7.3 .. not 7.2 ..

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

Scott Fella Mon, 10/01/2012 - 19:18

George... it's 7.2 that you can disable webauth https but still use https for management. I believe 7.2.110.0 had a bug, but it was fixed in 7.2.111.3. I don't know for sure though.

config network web-auth secureweb disable

Sent from Cisco Technical Support iPad App

George Stefanick Tue, 10/02/2012 - 07:50

Scott thats for keeping me on the narrow ..

Tom, if you only have a WISM 1 you wont be able to load 7.2 code on this platform.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

npritchett Mon, 10/01/2012 - 11:45

I have not made the attempt since 2007.  My understanding is that the situation is still the same if you are using a custom webauth page.

Thomas Obbekaer... Mon, 10/01/2012 - 11:48

OK.

So just so I can get this into my brain.

http works with internal webauth, but not custom pages on pre. 7.2 ?

And the "whole" thing works on 7.2+ ?

Actions

This Discussion

 

 

Trending Topics - Security & Network