Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Why is Web Page Auth on MAC Filter Failure not working on Anchor Controller?

Hi,

I have implemented a Guest WLAN solution as per the recommended design from Cisco. We have two internal WiSM2 controllers providing services for Internal secure SSIDs. Both these controllers are members of a Mobility and RF management group.

Two 5508 controllers have been installed in our DMZ for resilience and have been placed into a separate Mobility group. All controllers (internal and external) have been linked together as mobility neighbours in a full mesh and a new SSID for Web Guest traffic has been anchored to the controllers in the DMZ.

Web page authentication works perfectly fine, but I cannot for the life of me get the MAC filtering override to work, i.e. if a MAC address is present, do not redirect to the splash page for web auth.

I can get MAC auth working by iteself, but not with the Layer 3 option selected for web page auth on mac filter failure.

I know I can get around this by just creating two separate SSIDs. But the business is used to just having the one SSID for all guest traffic.

Is this a known limitation when anchoring SSIDs to controllers in the DMZ ?

6 REPLIES
Cisco Employee

Why is Web Page Auth on MAC Filter Failure not working on Anchor

Hi,

Yes..CSCts54424    Web auth on mac filter  failure does not work properly with anchor WLAN

Please open a TAC case and we can see if we can give you an image with the FIX.

Thanks..Salil

New Member

Why is Web Page Auth on MAC Filter Failure not working on Anchor

I'm hitting this bug too, when can we expect a fix.

Thanks

Cisco Employee

Why is Web Page Auth on MAC Filter Failure not working on Anchor

The target is the 7.0 release that will come after 7.0.220. It's targeted for February.

You can probably get a workaround/solution by opening a TAC case

Cisco Employee

Why is Web Page Auth on MAC Filter Failure not working on Anchor

Hi Nicolas,

I guess they changed their mind to add this fix in 7.0MR3. Now the fix will be in 7.2 release planned to be release in FEB.

There is a documentation bug opened to add this to configuration guide :

CSCtw48727    Document CSCts54424. Limitations webauth on mac filter fail for anchor

Regards..Salil

CSCtw48727    Document CSCts54424. Limitations  webauth on mac filter fail for anchor
New Member

Re: Why is Web Page Auth on MAC Filter Failure not working on An

Documentation bug makes me apprehensive about a proper fix. Will Cisco fix the bug so that this feature works across mobility anchors? Or will they s l e a z e it out and simply update the documentation to say it doesn't work?

New Member

Why is Web Page Auth on MAC Filter Failure not working on Anchor

FYI

7.2 will not run on the 4400 series WLC.

Only the Documentation will be updated for the 7.0.

Be aware that as it stands the "on MAC failure" feature has more limitations. With the current code the selection of the "on MAC failure" is exclusive to the other options within the Web Policy. For example: You cannot have the client "pass-though" on MAC failure. Feature request CSCtw73512 is opened for this - it is not scheduled for any release yet.

Aparently this feature was added for one specific customer to solve one specific need.

IMHO although this feature is potentally extremly useful - in its current form it should not have been made available in the gereral public release.

1710
Views
5
Helpful
6
Replies
CreatePlease to create content