cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
763
Views
0
Helpful
4
Replies

Interaction with users logging into wireless network

zheka_pefti
Level 2
Level 2

Hello everyone,
I wish someone can share your opinion or advice on how I can interact with the user who logs into the wireless network.

This a story. Our customer has deployed around 20 WAP with WLC and now  they want to limit a number for logins per user ID to just one.

There's a way to do it with WLC while doing Web-Auth but the problem is that once the user exceeds the number of logins from his mobile devices or laptop he is not able to see why he is denied. The authentication just silently drops his connection attempt and he has no idea why he is denied.

Any possible extention that could be avalaible in ISE. I need to send the user kind of popup message telling him something like "you exceeded the number of allowed logins"

Eugene

4 Replies 4

George Stefanick
VIP Alumni
VIP Alumni

This sounds more like a training issue. If the policy says 3 devices, then the user should be able to manage that pretty easy. If they cant, the employee should question their skill set..

What security are you using ? You mentioned you are using WEB AUTH is that right ? So what is managing the user accounts; WLC, AD, or LDAP ?

Thanks

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Hi George,

Thanks for coming back to me. The client has an AD as an identity store and yes, the Web Auth authenticates the user against the AD while having open authentication protocol. I mean no PSK or anything like that.

Didn't get your point about the training issue

I may not described it explicitely but this limitation is already set on the WLC. There's a way to do it under the Security section in WLC GUI and I set to to 1. Now I need to send the user the message saying why he is denied.

The WLC will return certain error codes when a user tries to logon with a web auth page. The WLC will return status code 3 when the username can't be used. Simply adjust the text to what message you want to display to the user.

Look at the webauth_bundle-1.0.2.zip on CCO underneath 5508 WLC for example. If you look at the login.html file of any of the bundles you'll see what I'm talking about.

Of course this is all up to the end browser interaction if this page is displayed. Some will use a popup, I prefer to have the login page itself have a place for the error message that your JavaScript would just update so that when the form is displayed again for the user they see this message.

I was only now able to get down to it. Downloaded the login.tar file from waa folder and tried to login again. No difference at all. Should I edit anything in the login.html file to have those codes active? I don't think those webauth_bundle become available in the controller just because I don't see the content of the Acceptable Use Policy page. How would I make it active in the Web Auth login page ? I see three options:

1) Internal (Default)

2) Customised (Downloaded)

3) External (Redirect to External server)

P.S. Actually, disregard whatever I said above. I should have selected second option "Customized (Downloaded)" and click "Apply" to enable web_auth forms. Thanks, Man !

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: