4402 guest users authetication via Web (username and password)

Unanswered Question
Nov 21st, 2007
User Badges:

Hello Everyone,


We have an issue with Wireless controller model 4402 loaded with 4.0.179.11. This box has stopped authenticating (Layer3 security Web Policy based local usernames and password) last night.

Steps taken to resolve the issue:-

1) Created local usernames and password via Web and tried using wireless through Guest ssid, when user enters this information web page loops back to authentication.

2) Tried authenticating via another Laptop, had no luck.

3) Changed WLAN SSID Guest from Layer3 security Web Policy to Layer2 Security, created Mac filter table for guest on the Controller. Guest was able to connect to the internet.

We have not made any configuration change. As this issue affected all Users, we restarting the controller after which issue was resolved. As per my colleagues this has happened couple of times and every time restart fixes this issue.

Please shed some light on this.


Regards,

Mujahid


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Richard Atkin Wed, 11/21/2007 - 23:57
User Badges:
  • Silver, 250 points or more

Mujahid,


4.0.179.11 is now quite an old software release, and numberous feature-adds and bug fixes have been addressed since then. Before you get too bogged down in this, I'd suggest upgrading to 4.1.185.0, or even 4.2.61.0, and then trying again.


Regards,

Richard.

mujahid.khan Thu, 11/22/2007 - 00:00
User Badges:

Hello Richard,


Thanks for your reply on this. Do i need to keep anything in mind before i even decide on any Software version?


Regards,

Mujahid

Richard Atkin Thu, 11/22/2007 - 10:07
User Badges:
  • Silver, 250 points or more

Your main concern is the upgrade path. As you're currently on 4.0.179.11, you'll need to go via 4.0.206.0.


Also note that with the more recent software releases, there are two files released - a Bootloader, and the actual operating code.


You can quite happily run the 4.1 or 4.2 bootloader with 4.1.185.0, but I'd suggest you use the 4.2 bootloader with the 4.2 code.


Both file types are uploaded to the WLC in the usual way, and you will need to reboot the WLC after each upload, which will cause an outage on your network.


When your APs re-associate to the WLC, they'll automatically download the new code (operating code, not bootloader code). Presuming you're not in a bandwidth-constrained environment, a 4.1 or 4.2 WLC will take this long to upgrade the APs:


WLC Reload time (3mins) + 3.5mins per 10 APs


So if you have 5 APs, the total outage will last ~6.5mins. If you have 11 APs, the total outage will last ~10mins, etc...


If you're in any doubt, read the software release notes.


Regards,

Richard.

Rob Huffman Thu, 11/22/2007 - 06:16
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi Mujahid,


Just to add a note to the great advice from Richard (5 points for your good work on many posts Richard!)


Have a look at these bugs that I'm pretty sure we were hitting with this WLC Version as well;


CSCsi91600 Bug Details


Internet Explorer redirects to login page with webauth due to cache

Symptom:

Client using IE, and web authentication has passed authentication, Policy Manager is in a RUN state, and when the user clicks on the "home" button, or types in the address of their normal homepage, they are continually redirected to the web-auth page



Conditions:

Client using IE, and web authentication has passed authentication, Policy Manager is in a RUN state, and when the user clicks on the "home" button, or types in the address of their normal homepage, they are continually redirected to the web-auth page



Workaround:

Enable IE client to check for newer versions of stored pages on "every visit to the page" option instead of "automatically" (default).


Tools -> Internet Options... -> Temporary Internet files -> Settings... -> Check for newer versions of stored pages: Every visit to the page.


1st Found-In

4.0(179.11)


Fixed-In

4.1(176.6)

4.1(177.0)

4.1(181.0)

4.2(31.0)

4.2(61.0)




Related Bugs

WLC Web-auth homepage leads back to reauth page if redirect URL is used

In a web-auth deployment with or without guest anchoring. If the redirect url is populated, the users homepage will no longer be able to be reached. Whenever the user navigates back to his homepage it will show the reauth page and the user will no longer be able to reach their homepage. Homepage leads back to reauth page if redirect URL populated



CSCse90894 Bug Details


Internet Explorer redirects to login page with webauth due to cache

Even after the commit of CSCse03666 - which added the following line to the

default webauth HTML -




IE 6 continues to redirect its home page back to the webauth login page.

This is due to a known bug in IE.

1st Found-In

4.0(155.5)


Fixed-In

3.2(193.4)

3.2(193.5)

4.0(206.0)

4.1(171.0)


Hope this helps!

Rob

jain.nitin Thu, 03/27/2008 - 08:49
User Badges:

Well.Guys We are also facing same issue which is mentioned by mujahid. We have WiSM with 270 APs. We have guest ssid with web-auth enabled.we are running 4.2.061 code. It was working fine till last week, now suddenly it keeps getting off. Users are not getting web-auth login page. We had to disable the web-auth & reenable it then it again starts working. I dont know wht to do in this case. didnt find any log..whts going on in background.


need help to resolve it.


Thanks

NK

Actions

This Discussion