Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
359
Views
7
Helpful
6
Replies

Guest WLAN question

Go to solution
Colin Higgins
Level 2
Level 2

‎11-12-2013 08:19 AM - edited ‎07-04-2021 01:15 AM

On the Cisco 5508 WLC, is the guest WLAN function limited only to http/https traffic?

I want to enable users to

1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)

2. Authenticate with the local controller database

3. Use other protocols in addition to http/https

For instance: if they need to FTP a file up or down from an extranet

Is this possible to do?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Colin Higgins

‎11-12-2013 08:38 AM

Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎11-12-2013 08:22 AM

1. Connect to the guest WLAN without client-side configuration (these would be outside users with laptops)

> you would setup an open authentication with a captive portal page in which the user can just hit accept to access the guest wireless.

2. Authenticate with the local controller database

> you can setup webauth for guest users to login using a username and password that is locally stored on the WLC.

3. Use other protocols in addition to http/https

For instance: if they need to FTP a file up or down from an extranet

Once they are authenticated, they can do whatever your network allows.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎11-12-2013 08:24 AM

Here are some links to review.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml

https://supportforums.cisco.com/docs/DOC-13954

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Go to solution
Colin Higgins
Level 2
Level 2

‎11-12-2013 08:35 AM

So there is not some kind of inherent limitation in regards to traffic that is defined on a guest WLAN?

In this scenario, it is very simple. I have a controller connected directly to an ASA firewall. So aside from assigning ACLs on the controller or ASA, authenticated clients will be able to do whatever they want on the Internet (in terms of ports, applications, etc.)?

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Colin Higgins

‎11-12-2013 08:38 AM

Yes that is correct. Webauth or pass through uses either http or https. That is why you see those protocols. Doesn't mean the WLC only allows that. You just block what you want on the ASA.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Colin Higgins
Level 2
Level 2
In response to Scott Fella

‎11-12-2013 08:40 AM

Great, thanks Scott

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Colin Higgins

‎11-12-2013 08:54 AM

No problem. Just follow the doc and it should be pretty simple to setup.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card