I currently use a 4402 WLC located in our DMZ to authenticate Guest users - local authentication is in place. I would not like to setup RADIUS authentication via a Cisco NAC server. In order not to affect current guest users, I created a new WLAN and configured with RADIUS server details under WLANs->Edit->Security. I can associate to new WLAN and obtain a DHCP address no problem, but when I browse to an external website, I do not get prompted for authentication from the RADIUS server. I don't see any auth requests hitting our firewal, so am assuming the problem is with the WLC config.
Can anyone provide any details of what config is required?
Security Policy - Web-Auth
Security-> L2 - None
Security-> L3 - Authentication
Security-> AAA Servers - Auth and Acc server set