Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Web Authentication in WLC

I have a 5508 WLC with about 17 Aironet APs attached and 2 WLANs. All is working as it should, but on one of the WLANs I have Web Policy set up under Layer 3 Security with Authentication. If I attempt to access a website with a browser from a mobile device, I'm prompted for my credentials and all works fine.

The problem occurs when I have an app that makes use of the internet, but does not open a browser. The app fails because I haven't authenticated to the controller yet. The app has no clue about this and simply sits and eventually gives a connection error. If I open a browser, authenticate, then run the app it works fine. This is an extra step and will cause much complaining. Is there a method to supply the credentials so the app can freely access the internet? How does Passthrough function while still using the locally created user accounts?

 

TIA

Ken

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Ken,The issue you

Hi Ken,

The issue you experience should have been taken earlier in the design phase. This is how the product works with web authentication.

If there are applications that can not use web-authentication there must be another solution set to allow them smooth connectivity. Some available options are to have a separate SSID for those clients with different security method (L2 security for example) OR to have static IP on the machines that host those applications and use pre-authentication ACL under the WLAN profile.

Getting the application to connect automatically fill the web-auth credentials (or accept the button in case of passthrough) is not unfortunately possible.

There are some applications (like nowadays new smart phones) that can detect if there is some kind of L3 authentication is needed and prompt you automatically for credentials right after getting connected to the network. However, they don't fill the page or accept the button on your behalf. They just bring to your attention that the connectivity is not complete and you have to do something in order to be able to fully connect to the network (usually, internet).

 

HTH

 

Amjad

Rating useful replies is more useful than saying "Thank you"
1 REPLY

Hi Ken,The issue you

Hi Ken,

The issue you experience should have been taken earlier in the design phase. This is how the product works with web authentication.

If there are applications that can not use web-authentication there must be another solution set to allow them smooth connectivity. Some available options are to have a separate SSID for those clients with different security method (L2 security for example) OR to have static IP on the machines that host those applications and use pre-authentication ACL under the WLAN profile.

Getting the application to connect automatically fill the web-auth credentials (or accept the button in case of passthrough) is not unfortunately possible.

There are some applications (like nowadays new smart phones) that can detect if there is some kind of L3 authentication is needed and prompt you automatically for credentials right after getting connected to the network. However, they don't fill the page or accept the button on your behalf. They just bring to your attention that the connectivity is not complete and you have to do something in order to be able to fully connect to the network (usually, internet).

 

HTH

 

Amjad

Rating useful replies is more useful than saying "Thank you"
97
Views
0
Helpful
1
Replies
CreatePlease login to create content