Web Authentication Customized Login Page does not work.

Unanswered Question
Jun 9th, 2009

Hi Folks, greetings.

We are having a hell of a time trying to use a customized web authentication page on WLC 4404 (version 4.2.130.0) and even using the sample provided on Cisco Wireless LAN Controller Configuration Guide, we cannot login. The page is browsed and we can type in the username and password, but are not able to login. The authentication page is shown over and over again.

Did anybody out there had the same problem and found a solution? Is the sample code correct?

We would appreciate any help.

Regards,

AL

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
janesh_abey Thu, 06/11/2009 - 11:35

Hi Al,

could you confirm that under under virtual address on the controller you have provided the dns name as well in addition to the IP?

It will be worthwhile to have a look at the controller log as well while this is happening.

cheers,

janesha

alvaro.motta Tue, 06/16/2009 - 04:50

Hi Janesha, greetings.

We have found that the code had a minor bug that was fixed. Now it's working as expected.

Anyway, I'm curious about setting a dns address on the virtual interface. What would be the purpose? Can you provide a link that documents this configuration?

Thanks for replying.

Regards,

AL

Matthew Fowler Tue, 06/16/2009 - 16:28

Hi AL,

The domain name under the virtual interface is needed when you are using a 3rd party CA signed certificate (e.g. Verisign), instead of the default self-signed cert.

When a browser is checking a certificate for validity, it attempts to match the common name (CN) of the cert with the domain name in the URL. If these don't match, you get the security warning popup.

The thing with CA certs is that the CN cannot be an IP address, so the URL returned by the WLC redirect, must be a name resolvable by DNS. This is done by entering the name under the virtual interface and having it resolve to the virtual IP address on your DNS server.

-Matt

alvaro.motta Wed, 06/17/2009 - 05:30

Hi Matt, greetings.

Thanks a bunch for the clarification. Although we are using SSC, the information you've provided can be valuable should we go for a 3rd party generated certificate in the future.

Once again, thanks a lot!!!

Regards,

AL

Actions

This Discussion