I'm about ready to rollout open access for http only traffic. Using a VLAN and access lists, but I would like for the user to have accept a user agreement page before continuing. Is there a Cisco product or another I can use for this?
do you want to have user accounts that the users enter a name and password? or just a splash page that has 'acceptable usage' policy & some info?
We use monowall http://m0n0.ch/wall/ for this, works like a charm. You can combine it with acls on the routers, etc. For example, we have an open wireless network that is bound to a vlan with m0n0wall as the gateway. The router, or l3 switch in our case, can apply ACLs to the subnet for the wireless. We use time-based ACLs to control when the network is available. Another product which is based on m0n0wall is pfsense http://www.pfsense.com. It is similar but it allows for redundancy.
> you want to have user accounts that the users enter a name and password?
yep... All users on my LAN goes to internet through PPTP server because my ISP don't sell unlimited accounts, he sell only "pay for traffic" like accounts and in this case i must count my LAN users traffic. Because many users can forget to establish PPTP session (but don't forget to aks "where my internet?" :-E ) i want create something what don't shows "Page cannot be found/opened" like messages but "if you forget about PPTP - enter your login and password" etc. Can "Authentication Proxy" used for it or can you recommend something for it?
What is "captive portal" in m0n0wall or pfsense? Documentation keep silence about it :(
Thanks for all the replies. Since this is an open hot spot, for an educational institute, there will be no user authentication per se. However, a user agreement screen with a simple "agree/disagree" type logon. A proxy logon might be all that's needed, the SESM might be overkill. The PIX could be another good candidate to try out. I'll definitely need to research this more.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...