H-REAP AP with Web Passthrough layer 3 security....?
I have a Cisco 5508 Wireless Controller with 5 Cisco 1142 wireless access points. The controller is installed at a central site which also has two access points present, which are configured in "Local" AP Mode. The other 3 WAP's are installed at 3 different sites across a WAN. These 3 WAP's are configured in "H-REAP" AP Mode with local switching enabled. The 3 WAP's in H-REAP mode are configured to drop the user onto a local VLAN 253. At each remote site I have a Cisco router serving DHCP for the wireless clients on VLAN253. This setup all works great, wireless clients can associate to the SSID, are assigned an IP address by the Cisco Router DHCP, and then can browse the network/Internet.
As this is a guest wireless network, I would like to add a "Welcome" page for the wireless users to "Accept" before they can browse the network/Internet. I understand that the Web Passthrough feature provides this functionality when in normal "Local" AP Mode, but does it also work for WAP's in "H-REAP" AP Mode? ie, I have got the Web Passthrough feature working for my 2 WAP's which are in "Local" AP Mode, but when I apply the same configuration to the WAP's in "H-REAP" AP Mode it doesn't work. When the wireless users try to associate their laptop's get stuck trying to get an IP address from DHCP, which never gets served. When I monitor the DHCP server I see a DISCOVERY come in, and an OFFER go out, but the OFFER never makes it back to the client. It is like the WLC is not allowing the traffic because it is expecting the user to "Accept" the "Welcome" page.
So my first question is; does Web Passthrough work when the WAP is in H-REAP mode and the DHCP server is external (not the wireless controller).
Then my second question is; if it does work, can anyone suggest why it's not working for me?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...