07-25-2012 01:11 PM - edited 07-03-2021 10:27 PM
When a guest user first trys to access the "guest" WLAN, they are presented with a "certificate page" before the web athentication page / login is presented. The WLC forces an internal redirect to https://1.1.1.1 causing the certificate page to appear. Can this be bypassed? I am runiing 5508 with 7.0.220.0.
Solved! Go to Solution.
07-26-2012 12:02 PM
DNS is broke. The wlc needs to be able to resolve the users home page. If the wlc can't resolve the home page, you will not get the webauth page.
Sent from Cisco Technical Support iPhone App
07-25-2012 01:14 PM
You would need to upgrade to 7.2 to be able to set the Guest page to be HTTP only.
In the version you are on, you need to compeltely disable HTTPS (management as well).
HTH,
Steve
-----------------------------------------
Please remember to rate useful posts, and mark questions as answered
07-25-2012 03:43 PM
So I have upgraded but I cannot see where I have an option for HTTP in the Guest Login Page?
07-25-2012 03:56 PM
Like Steve mentioned, if you don't planning upgrading 7.2, then you need to disable https from the management http-https setting.
Sent from Cisco Technical Support iPhone App
07-25-2012 04:01 PM
Yes - understand. But now that I have upgraded, I can not find where I have teh option to turn off HTTPS for Guest Web Page.
07-25-2012 04:03 PM
In the CLI type
config network web-auth secureweb disable
Sent from Cisco Technical Support iPhone App
07-25-2012 04:18 PM
Did the command work?
Sent from Cisco Technical Support iPhone App
07-25-2012 04:30 PM
Still testing - seems some users are not seeing teh certificate page and others are bypassing any authentication. We are upgrading the NCS now and will test more tomorrow. Thanks for your input.
07-25-2012 04:34 PM
The others that bypassed are probably still authenticated to the wlc. You should remove them from the client list and test. NCS upgrade has no affect on this.
Sent from Cisco Technical Support iPhone App
07-26-2012 12:00 PM
So now we can not see any web page, and can not authenticate. Smart Phone devices show "unable to load web page?"
We do get an IP address (WLC is acting as DHCP for this Guest WLAN).
There have been a few changes .... WLC is at 7.2. WLC was moved to a new subnet and the Guest VLAN gateway placed into the DMZ.
We can ping the WLC interface for Guest as well as other Guest VLAN addresses. The Guest VLAN is shared with other non-WLAN devices.
We we turn of web authentication - we get through to internet.
Where do I look?
07-26-2012 12:02 PM
DNS is broke. The wlc needs to be able to resolve the users home page. If the wlc can't resolve the home page, you will not get the webauth page.
Sent from Cisco Technical Support iPhone App
07-26-2012 12:32 PM
Thank you - right on the button. Seems the DNS we had was being filtered. Found another one and the log in page comes up with no "certification" note.
Great!
07-26-2012 12:34 PM
That's good news!
Sent from Cisco Technical Support iPhone App
09-20-2022 12:39 AM
Hello Scott,
I am facing same issue ,Can you help me on this,i want to bypass certificate warning page through uploading certificate but which certificate it should replicate,Kindly guide.
regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: