I currently use a 4402 WLC located in our DMZ to authenticate Guest users - local authentication is in place. I would not like to setup RADIUS authentication via a Cisco NAC server. In order not to affect current guest users, I created a new WLAN and configured with RADIUS server details under WLANs->Edit->Security. I can associate to new WLAN and obtain a DHCP address no problem, but when I browse to an external website, I do not get prompted for authentication from the RADIUS server. I don't see any auth requests hitting our firewal, so am assuming the problem is with the WLC config.
Can anyone provide any details of what config is required?
your setup sounds pretty okay. have you got local user accounts set up on the WLC for the test WLAN? if you do, check to see that the priority order for web authentication for the test WLAN prefers the AAA account. you will have to do it directly on your controller as i do not think you have that option in WCS.