07-19-2012 09:32 AM - edited 07-03-2021 10:25 PM
I have a Cisco 5508 running version 7.0.116.0. This controller hosts an open public wifi that requires users to accept a terms agreement via a Web-Passthrough setup that redirects them to the terms splash page. For most people this works without any issue. However, if a user has their homepage for their default browser set to a https site, such as https://www.google.com, then they are never redirected to the terms splash page. The page will just spin and spin until finally they get a timeout error.
Has anyone else had this experience? If so did you find a solution or is this some sort of short coming of the controller?
Any and all comments/information is appreciated!
Thanks,
Jim
Solved! Go to Solution.
07-19-2012 12:37 PM
07-19-2012 12:37 PM
This is a known issue (see bug ID CSCar04580).
07-22-2012 11:13 AM
Thanks for the reply rsreeves1. You have just solved a long standing "mystery" in my organization!
07-23-2012 10:53 AM
This issue is on 4400s as well. Just tested it ..
Good post ! +5
07-23-2012 10:55 AM
https has never worked from me, even way back in the days when I started implementing webauth.
07-23-2012 11:06 AM
LOL.. I guess I never came across this issue before now ..
07-23-2012 12:29 PM
By the way, this is not an issue if you configure the controller to use HTTPS for the passthrough page since it will redirect port 80 connections to port 443 (just not the other way around). As far as I'm aware, this is the closest you'll get to a workaround solution. Unfortunately, it's a bit of a hassle, primarily due to having to deal with the SSL cert.
If you decide to go this route, check out this terrific document, originally published by Nicolas Darchis:
https://supportforums.cisco.com/docs/DOC-13954
There's a LOT of extremely useful information here, including a section that covers how to manage web-login certs. I'd recommend reading through this entire doc whenever you have the time since it has several bits of info that I've never found anywhere else.
-Rob
07-27-2012 11:25 AM
Cisco will not fix this bug though this bug is 10years old.
it will not ever be addressed. In fact, it is really a bogus request - if someone has configured their home page as https://mybank.com/myaccount - and presumably they have a cert chain installed on their client to validate that server - then it would be fraudulent (in a sense) for us to try to present some bogus cert representing us as "mybank.com". We should never try to hijack someone's https session.
Modern systems (e.g. Windows 7) are smart enough to figure out whether a given WLAN wants webauth - that's the solution.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: