Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Web Auth timeout with Preauthentication ACL

I'm currently using a guest WIFI solution to allow guests access to the internet with a provided username and password, that’s working well. 2x4400's one with the ap's one as remote anchor out on our DMZ area.

What I want to do is allow access to our website through our guest wifi for users who aren’t given a username and password.

I have setup and tested a Pre Authentication ACL to point to the DNS and the webserver and that seems to work, i can get to the website no problem but if I try to get to the wider internet the Authentication box pops up. This is what I want.

The problem is that the connection to our external website dies after about 5 minutes and the client has to reattach again which sometimes doesn’t happen properly and they can't get back on.

The Policy Manager State for the client shows as WEBAUTH_REQD which is what I'd expect. I'm guessing there is a timer from when the device entering the WEBAUTH_REQD state to not entering the RUN state, that the client gets kicked. can this timer be increased and if so how.

Many thanks in advance,

Adam

1 ACCEPTED SOLUTION

Accepted Solutions

Web Auth timeout with Preauthentication ACL

Adam - answered previously, see if this works for you.

https://supportforums.cisco.com/message/1266267#1266267

6 REPLIES

Web Auth timeout with Preauthentication ACL

Adam,

     This is by design.  Users in the WEBAUTH_REQD, do eventually have to authenticate.  the Pre-Auth ACL is only to allow a short bypass of the authentication.   If they don't authenticate, they will be kicked off the WLAN and have to reconnect.

HTH,

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
New Member

Web Auth timeout with Preauthentication ACL

Thanks Steve,

I realised that, I was just wondering how I can make that short time longer.

Adam

Web Auth timeout with Preauthentication ACL

To my knowledge, the timer is not changeable.

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

Web Auth timeout with Preauthentication ACL

Adam - answered previously, see if this works for you.

https://supportforums.cisco.com/message/1266267#1266267

New Member

Web Auth timeout with Preauthentication ACL

Thanks for this darren, and sorry for the delay in getting back to you.

That command looks like just the thing i am after, i have now got so down time on the system in order to give it a go, and run it for today and see what the implications are for our systems.

Adam

New Member

Web Auth timeout with Preauthentication ACL

Darren,

Have been running it now since the 18th with no ill effects so happy with that.

Many thanks for your help.

1525
Views
0
Helpful
6
Replies