Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cisco 5500 Wireless controller



I have an issue with my guest access, when they access the ssid from the wifi, they try to go to and the login portal ( is not showing.


If I put manually some times the web page will open and some times it will not open.


Any ideas?



VIP Purple

HI,If it connects to IP but


If it connects to IP but will not resolve a name means its definitely a DNS problem.

Check the cleints are getting DNS server details that its pingable and that the WLC/firewall etc are passing DNS traffic etc..



Community Member

Hi all, The version I have is

Hi all,


The version I have is and the issue is that sometime the will work manually and sometimes it will not even open.



Community Member

Hi,using the web gui, check


using the web gui, check into "Controller > Interfaces > virtual" if "DNS Host Name" is filled or not. If it is, then the guest clients will have to be able to resolve that name with (usually with an A record in the provided DNS).

In the WLAN configuration, are you using a "Preauthentication ACL"? If so, please put as allowed.

Have you tried with different browsers? The page at is an https resource, with a self signed certificate that some browsers could not love so much :)

Best regards,


Cisco Employee

On WLC versions earlier than

  1. On WLC versions earlier than, you must manually enter in order to navigate to the web authentication window.

    The next step in the process is DNS resolution of the URL in the web browser. When a WLAN client connects to a WLAN configured for web authentication, the client obtains an IP address from the DHCP server. The user opens a web browser and enters a website address. The client then performs the DNS resolution to obtain the IP address of the website. Now, when the client tries to reach the website, the WLC intercepts the HTTP Get session of the client and redirects the user to the web authentication login page.

  2. Therefore, ensure that the client is able to perform DNS resolution for the redirection to work. On Windows, choose Start > Run, enter CMD in order to open a command window, and do a “nslookup"; and see if the IP address comes back.

    On Macs/Linux: open a terminal window and do a “nslookup"; and see if the IP address comes back.

    If you believe the client is not getting DNS resolution, you can either:

    Does entering this URL bring up the web page? If yes, it is most likely a DNS problem. It might also be a certificate problem. The controller, by default, uses a self-signed certificate and most web browsers warn against using them.

Cisco Employee

Try changing method list for

Try changing method list for CWA to dot1x/group

Enable Fast SSID Change

On the Wlan Advanced tab: disable client timeout, client exclusion, MFP, Aironet IE

CreatePlease to create content