Hi, I’m not finding any secure method to authenticate users through web portal in the WLC with a backbend database.
- We have the option of using radius, but in this case WLC can only use CHAP or PAP, but they are not secure access methods. I could use Ipsec in the radius access but to allow CHAP access I have to enable reversible passwords in the Active Directory which is not a secure method to store passwords. So I cannot use radius
- I could use LDAP, but WLC doesn’t support LDAP over SSL, so it transmits passwords in clear text and there is no option to make an ipsec connection between WLC and LDAP server. So I cannot use LDAP
Any help? Is there any secure method to authenticate web users?
I still have the same question, currently I have a WLC 5508 with ACS5.0, we would like to use the web authentication with backend database(windows AD) in a secure way. How could I achieve this? Thanks.
It would be so easy as allow MSCHAPv2 in Radius or LDAP over SSL. I don't know why a device as secure and new as WLC 5508 doesn't allow that
I have an opencase with TAC.
They say I needto open a PER (Product Enhancement Request) , this is done
Via your Account Team. I will try to do it, but it seems a very long path
Hi, how are you?.
I am using web authentication and want to know if some form exists to protect to the internal portal(https://220.127.116.11/login.html). This question is in case some person from Internet does make attack DoS to this page.
Thanks a lot.
Hi. thanks a lot for your answer.
I have a little question:
If I connect to SSID GUEST(web authentication), and write in browser https://18.104.22.168/login.html opens the internal portal of the WLC. Then this IP is not routed?.
Thanks a lot.
Correct. It is not routed. The user only sees that page before they are
fully authenticated. No one else can get to that IP unless you¹re routing
22.214.171.124 on your network, which you probable aren¹t.
On 8/31/10 3:37 PM, "andres.lorat"