CSCup98797 - DNS-Based ACLs only work with radius NAC
I,m trying to use DNS-based ACL with pre-authentication ACL, in order to allow access to some URL's before the client will be authenticate by external captive portal without RADIUS
In the bug search web, this bug appears as fixed, but i,m running 7.6.130 code in WLC 5500 and the behavior is the same, URL's has not effect because i,m not using RADIUS.
I see in the Cisco Wireless LAN Controller Configuration Guide, Release 8.0 the following advice:
DNS-based ACLs work only when RADIUS NAC (central web authentication or posture) are done on the SSID. DNS-based ACLs do not work with local web authentication or any other form of ACL other than a redirect-ACL used in the case of RADIUS NAC.
so in 8.0 code the behavior is the same as 7.6.130
I can't understand why Cisco WLC is not able to permit access using URL's instead of ip address without RADIUS, most manufactures can do it, even Meraki that now is part of Cisco can do this. Is imposible open thousand of ip address in the ACL if you want to open facebook or akamai for example.
There are few interoperability issues between 2960x and other vendors. In this article we will go over the steps on how to debug these issues.
Check the phy id from “show controllers ethernet-controller phy” output.
<snip from show controllers ethe...
It appears that you are trying to access end of life information from Cisco search. We have detected a problem with your script ("eol...) and would like to help. Please contact email@example.com if you would like support.
Cisco Licensing is pleased to announce the new Licensing Portal. It provides customers with an enhanced self-service experience by stream-lining and automating many licensing activities. Please take a moment to familiarize yourself with the fe...