Encryption options on a Lobby Ambassador implementation
I'm in the middle of configuring a guest wireless network using the lobby ambassador feature. I have things up and running using Open Encryption at L2 and WebAuth at L3 - The Controller doesn't like any L2 security that I try to add and I'm uneasy at just using WebAuth, has anyone implemented something similar? Were you able to add any kind of encryption?
Re: Encryption options on a Lobby Ambassador implementation
By it's very nature, the WebAuth feature will not allow any encryption. This is a feature very much like a hot-spot that you'd see in a coffee shop. In order to allow any user to access the authentication splash page, the WLAN has to be completely open.
If security is required, then it really has to come from higher layers of the stack (ie, IPSEC, HTTPS, SSH, etc).
So to answer your question, yes I have implemented a number of Web Auth WLANs, and no, it is absolutely not possible to implement any kind of encryption on the WLAN.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...
I have created a Powershell script to automatically add a Wireless Guest
User on Cisco WLCs. (tested on 2500 Series) The script should be
completely self explanatory. Prerequisites: Powershell SNMP Module
(Install-Module -Name SNMP) SNMP Write Access to y...