Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Disable HTTPS on web-auth passthrough

I have a guest wireless network setup on a 5508 WLC using 7.2.103.0 firmware. Under my guest WLAN>security>Layer3 tab I have "layer 3 security" as "none", "web policy" as check marked, "passthrough" selected, "over-ride global config" as check marked, "web auth type" as "customized(downloaded), "login page" and "login failure page" as "login.html" selected.

I haveI have 4402 WLC's using 7.0.116.0 firmware throughout my company that anchor back to the 5508 for the guest network. The 4402 WLC have the guest network configured as WLAN>security>Layer3 tab I have "layer 3 security" as "none", "web policy" as check marked, "passthrough" selected.

I would like to disable the HTTPS for the logon screen and I am not sure what steps need to be done for this. I researched and found the command "config network web-auth secureweb disable". I set the command on the 5508 only and rebooted. When I tested I got a blank webpage with "http://1.1.1.1/fs/customwebauth/login.html?switch_url=http://1.1.1.1/login.html" in the address bar and had no way of clicking the accept button to get to the Internet.

Everything works fine again if I enter "config network web-auth secureweb enable" and reboot. Do I need to run the "config network web-auth secureweb disable" command on all the 4402 WLC's that are anchored to the 5508? What could be breaking my login.html page while using only http?

  • Security and Network Management
Everyone's tags (4)
4 REPLIES

Re: Disable HTTPS on web-auth passthrough

That feature is only available in 7.2. Since the 4400 can't run 7.2 I would think it would break as the policies wouldn't match.

Steve

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

Disable HTTPS on web-auth passthrough

#you're hitting a bug, Enable HTTP for management access on WLC and that should fix the issue or update to 7.3 that has fix for this issue.

# Guest anchor should work without an issue atleast between the code 6.0 and 7.3 excluding bug(s) from appropriate code like above.

New Member

Disable HTTPS on web-auth passthrough

Thanks for the reply. I ended up leaving the secure-web enabled(to use https). I installed a certificate and everything works fine. My original reason for going thru all of this is to avoid the untrusted certificate webpage in IE or FF when users were trying to use this wireless SSID on smart phones.

New Member

Disable HTTPS on web-auth passthrough

Hello,

I`ve got few controllers (software version 7.3, 7.4 and 7.5). Could someone please explain, if the HTTP option must be enabled to get HTTP page for web passthrough? I`d like to access the controller (for management) only through HTTPS , but for the guest access, I need to have only HTTP, because of certificate error message. I don`t want to install the signed certificate, if it is not necessary. Also is there anything else, what needs to be configured (overide the global settings under WLANs was mntioned above) to make this setup work? My set-up is HTTP-disabled, HTTPS-enables and SecureWeb - disabled but users are still redirected to HTTPS site, which is blank and can`t confirm and access the Guest Wifi.

Thank you.

Pavol Jasurek

4532
Views
5
Helpful
4
Replies