Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Authenticating Guest Users Using External Database.

Folks, greetings.

Due to the limitations imposed by wlc's database size, we decided to go for an external authentication server.

Since this external database is for guest access, we are considering in using a Linux box with LDAP, along with a web-based application which will be presented to the user for authentication purposes. This way, the user would type in his/her credentials on this portal and the same box would process the authentication.

In such a scenario, we would buid an application for the "Lobby Amabassadors" input the guest data (for auditing purposes we need to enter the user's SSN, passport # or any other official ID), and this application would generate the password to be used during the authentication process.

I've used web-auth before, with the users database loaded on the WLC (local net users). Even using an external web-auth portal, the user is still authenticated by the controller that in turn, will control whether the traffic is to be allowed or not, based on the authentication results.

That's exactly where our question lies: how should we configure the WLAN so that the WLC would receive the access request and forward it to the authentication portal/server? Would it envolve radius?

This same Linux would be the DHCP server for this guest WLAN.

WLC vesion:



Community Member

Re: Authenticating Guest Users Using External Database.

Using the Web Authentication feature on a Cisco wireless LAN controller, we can authenticate a guest user on the wireless LAN controller, on an external web server or on an external database on a RADIUS server. We can configure the wireless LAN used for guest traffic to authenticate the user from an external RADIUS server.

To enable an external RADIUS server to authenticate traffic using the GUI, follow this link.

CreatePlease to create content