Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Web Authentication using RADIUS

Not sure if this has been asked or covered.

We have a 2106 (running I was wondering if there was a way to setup a WLAN that uses Web Authentication, where that would use a RADIUS server to authenticate the user instead of having to manually create 'Local net Users' for each user? Basically I want the Web Authentication to look at the RADIUS server instead of the Local Net Users.


Re: Web Authentication using RADIUS

Using the Web Authentication feature on a Cisco wireless LAN controller, we can authenticate a guest user on the wireless LAN controller, on an external web server or on an external database on a RADIUS server. We can configure the wireless LAN used for guest traffic to authenticate the user from an external RADIUS server.

To enable an external RADIUS server to authenticate traffic using the GUI, follow this link.

Community Member

Re: Web Authentication using RADIUS

Ah, ok. I had everything set up correctly, just the policy I have on my IAS server wasn't allowing it. The policy I have (MS IAS server) forces a NAS-Port-Type of "Wireless - IEEE 802.11 or Wireless - Other" and well as forced it to use MS-CHAPv2 for Authentication. I noticed that when the log in was passed to the IAS server, it was showing "NAS-Port-Type: Not present" and using PAP for authentication. I had to create a 2nd RADIUS policy with to match these requirements in order for it to connect. Any reason why it would use PAP and any way to change that?

CreatePlease to create content