Web Portal Guest Authentication

Unanswered Question
Jun 19th, 2008

I am finding conflicting information on Web Portal Guest Authentication. I would like to confirm that the guest username and passwords are encrypted (via https) between the client and the WLC during the redirect to the Virtual interface ( in my case).

What I found in a configuration document is as follow.... "Web authentication is supported only through HTTP. HTTPS is not supported. Because web authentication is tied to the management login on the controller, HTTPS login for management must be disabled and HTTP for management must be enabled.”

But at the same time, when looking at authentication page examples in the some config guides, the redirect page address is and not

Could someone confirm to me if the username and password are encrypted when exchanged between the user and the WLC?

Your support is appreciated



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Scott Fella Fri, 06/20/2008 - 19:19

Since you are using an ssl cert (Cisco or a 3rd Party), it is encrypted between the client and ap. Traffic from ap to wlc is not encrypted. Encryption and decryption is handled by the ap.

Hope this helps.

cdeeds Mon, 01/26/2009 - 13:53

This is kind of a late reply, but if you are interested in my two cents; I've learned that with the WLC guest authentication you can have either SSL or HTTP enabled for the user authentication.

If you have SSL enabled, the auth page defaults to the encrypted url, hence the auth page is encrypted along with the credentials entered onto the page.

I found this out when trying to get rid of the self-signed certificate errors users would get when they first authenticate on my guest wireless network. It's a pain to get a trusted cert working on this setup, so I just opted to use HTTP. The drawback to this, however, is that my web management connection to my anchor WLC is HTTP.

Lucas Phelps Tue, 03/10/2009 - 10:10


Your feedback is appreciated. I am also stumped on how to get a trusted cert for the URL. I'd be surprised if any trusted authority (GoDaddy, Verisign, etc) would hand out a certificate to a host with the name

If anybody else has any ideas on how to get a trusted certificate on this thing, please let us know. It drives my users nuts to have to click 'I accept' to a homemade certificate.

grzegorz.ciolek Wed, 03/11/2009 - 04:53


If you go to virtual interface and open its properties, you can add address to which should wlc redirect insted of This domain should be used for cert and should be translate to by DNS.




This Discussion



Trending Topics - Security & Network