cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3955
Views
5
Helpful
8
Replies

Cannot connect to web auth login page

ankaisersk
Level 1
Level 1

Controller is vWLC 7.4, AP is 2600. Browser gets successfully redirected to 1.1.1.1, so DNS appears to work. However 1.1.1.1 does not respond. Wireshark in the client shows SYN frames but no response. I tried various debugs but nothing is shown on the WLC when the client attempts to reach the login page. 1.1.1.1 is not used in the local network and ends up at the default route. WLAN operates in central mode.

The browser works when web auth is disabled, but when enabled in either "authentication" or "passthrough" mode any attempts gets redirected to 1.1.1.1 and times out at that point. Telnet to 1.1.1.1:443 failed also.

Same on two different clients using different OS versions.

8 Replies 8

Amjad Abdullah
VIP Alumni
VIP Alumni

You use local or external page?
If local, you use default or customized page?

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

Plain default internal, without modification.

Connect a laptop to the vlan you are testing webauth or passthrough on.... if that machine can get an ip address and browser the internet, then everything on the wired side is fine and you need to look at maybe the configuration on the WLC.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

I've tested it in two very different production VLANs having different DHCP servers. Any client connected to those VLANs, whether by Wifi or Ethernet, gets an IP address and can work normally. The Wifi client also works fine when L3 web policy is disabled. A client connected via AP successfully gets an IP address in any case. DNS resolution has been verified and the redirection to 1.1.1.1 also works. It's just the connection to 1.1.1.1 which fails, everything else up to this point appears to work.

BTW: Is there a way to test the availability of the authentication web server on the WLC, locally? I can ping 1.1.1.1 successfully, but this only verifies the interface, not the web server. Normally I'd try a telnet to 1.1.1.1:443, but did not find anything similar on the WLC.

mmangat
Level 1
Level 1

Hello,

Here is a short cisco doc that will help you troubleshoot web authentication. Hope this helps:

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080a38c11.shtml

azore2007
Level 1
Level 1

It's a bug in the 7.4 train, I had the same issue and cisco tac gave me the bug ID, sadly its on my PC.

It works with 7.3 and in 7.5 when it gets released.

Check open cavets in the release note.


It only affects the virtual controller. Not the physical ones


Sent from Cisco Technical Support iPad App

Thanks for this information!

Scott Fella
Hall of Fame
Hall of Fame

Thanks for updating and posting what you found!

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: