Wireless guest and HTTPS sites issue

abouassab · ‎12-07-2009

Dear all,

I'm experiencing an issue with wireless guest, when accessing a site with https, the traffic is not intercepted by my controller, http sites are intercepted without any issue, I've found a document where this issue is mentioned as bug ID CSCar04580

http://cisco.biz/application/pdf/paws/108501/webauth-tshoot.pdf

could you please let me know what the fix is?

Thanks,

dancampb · ‎12-07-2009

This is the correct behavior by default. The controller looks for the HTTP Get request to redirect to the webauth login page so its only watching for port 80. When they are trying to hit a HTTPS webpage the request is on port 443 so by default the controller doesn't redirect to the webauth page. You can try adding port 443 to the list of ports that the controller will watch to redirect to the authentication page.

Matthew Fowler · ‎12-07-2009

config network web-auth-port

abouassab · ‎12-09-2009

Thanks for the feedback, however I've added the 443 port and the traffic

is still not redirected.

AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80,443
Fast SSID Change ........................... Disabled
802.3 Bridging ............................. Disable

Any other suggestion?

Thanks,

Aziz

Matthew Fowler · ‎12-09-2009

Looks like you were initially correct with your observation - it's a no-go due to CSCar04580.

The cisco.com version of the document is at http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080a38c11.shtml (search for CSCar04580). The way forward would be to contact your Cisco account team and request the feature if it is needed.