I have multiple SSID, but want users of a single SSID to be red

game123 · ‎02-13-2014

Hi team,

I have multiple SSID, but want users of a single SSID to be redirected to a HTTP or HTTPS URL (LAN SERVER for authentication)

I am very curious and it is important. I want to see how to achieve this with CISCO WLC !!!

Scott Fella · ‎02-13-2014

You can redirect users to an external server for authentication. Here is a guide that explains it:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71881-ext-web-auth-wlc.html

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

game123 · ‎02-13-2014

Well, how to restrict users of a particular SSID only to go to 3rd party web authentication page (and just proceed from there ) to whatever happens next..............................

I do not want this to happen to other SSID (except only a particular SSID)

all user accounts for authentication is created on a web server created to be used once user selects that particular SSID !!!

advice pls.

Stephen Rodriguez · ‎02-13-2014

The link Scott gave you has the WLAN configuration under :

Configure the WLAN for Guest Users Section

You have to tell the WLAN to use WebAuth for it to work

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Sandeep Choudhary · ‎02-13-2014

HI,

Here are the two ways:

1. You can do that from under WLAN cofnig -> Security -> Layer 3. for external servers only, not for the internal page.

**** It can only be used for external servers but cannot be used for the internal server authentication.

see the screenshot:

2. you can do a per WLAN redirect, but you have to do custome pages for each WLAN. You can specify the redirect URL in the HTML configuration.

example:

if(urlStr.length > 0){

redirectUrl += urlStr;

if(redirectUrl.length > 255)

redirectUrl = redirectUrl.substring(0,255);

document.forms[0].redirect_url.value = redirectUrl;

Changed the urlStr variable to my redirect URL (i.e., redirectUrl += "http://www.google.com

Regards

Dont forget to rate helpful posts

game123 · ‎02-16-2014

Thanks for the input well , when I did all above steps I am getting URL formation something like below :

http://10.229.3.99/?switch_url=https://1.1.1.1/login.html&ap_mac=e8:40:40:ad:cc:80&wlan=MO-GUEST&redirect=/?switch_url=https://1.1.1.1/login.html&ap_mac=e8:40:40:ad:cc:80&wlan=MO-GUEST&redirect=/?switch_url=https://1.1.1.1/login.html&ap_mac=e8:40:40:...

Where what i want is simply "if someone access the WLAN "E" they should be first redirected to 10.229.3.99 and then once authenticated by 10.229.3.99 should be allowed to use internet. Pls note that on 10.229.3.99 there is an authentication server !!!

Advice required.

regards,

game123 · ‎02-16-2014

http://10.229.3.99/login.html?switch_url=https://1.1.1.1/login.html&ap_mac=e8:40:40:ad:cc:80&wlan=MO-GUEST&redirect=/login.html?switch_url=https://1.1.1.1/login.html&ap_mac=e8:40:40:ad:cc:80&wlan=MO-GUEST&redirect=/login.html?switch_url=https://1.1.1...

I wanted if someone connects to WLAN "MO-GUEST" automatically the user should be redirected to http://10.229.3.99/login.html and once authenticated by 10.229.3.99 , he/she should be allowed to access anything as normal. [ actually i just want automatic url redirection for the first time for the user of wlan "MO-GUEST"

waiting expert opinions.

Scott Fella · ‎02-16-2014

The problem you have is... How many different webauths page do you have? Typically only guest would be redirected, your internal users would authenticate using a layer 2 encryption method and maybe a layer 3 to a radius server.

Your external server can't authenticate the users as the users must either be on the WLC local net user or local user on a radius or AD.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***