Authenticating Guest Users Using External Database.
Due to the limitations imposed by wlc's database size, we decided to go for an external authentication server.
Since this external database is for guest access, we are considering in using a Linux box with LDAP, along with a web-based application which will be presented to the user for authentication purposes. This way, the user would type in his/her credentials on this portal and the same box would process the authentication.
In such a scenario, we would buid an application for the "Lobby Amabassadors" input the guest data (for auditing purposes we need to enter the user's SSN, passport # or any other official ID), and this application would generate the password to be used during the authentication process.
I've used web-auth before, with the users database loaded on the WLC (local net users). Even using an external web-auth portal, the user is still authenticated by the controller that in turn, will control whether the traffic is to be allowed or not, based on the authentication results.
That's exactly where our question lies: how should we configure the WLAN so that the WLC would receive the access request and forward it to the authentication portal/server? Would it envolve radius?
This same Linux would be the DHCP server for this guest WLAN.
Re: Authenticating Guest Users Using External Database.
Using the Web Authentication feature on a Cisco wireless LAN controller, we can authenticate a guest user on the wireless LAN controller, on an external web server or on an external database on a RADIUS server. We can configure the wireless LAN used for guest traffic to authenticate the user from an external RADIUS server.
To enable an external RADIUS server to authenticate traffic using the GUI, follow this link.
IntroductionHow to use the Wireless LAN Controller Configuration Analyzer (WLCCA)
Javier Contreras is a Senior Tech Lead for the Wireless Business Unit in Cisco, with over 2 decades of experi...
< PRE >
(#)For this reason being that : - application that doesn't use multicast, sends one copy of each packet ( data unit of traffic at layer 3 ) to each client (" who seeks the traffic ).- application that does use multicast, sends ...
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...