Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

WLC - ACS - Web Authentication Problem

Background:

A WLC 4400 series with software release 3.2.78, and is configured to provide Web authentication to the wireless clientes. There are 2 WLANs defined, one for "guests" users and one for internal users. No local users defined on the WLC. The AAA process is done by a Radius by a Cisco Secure ACS release 3.3. There are configured 2 users groups in the ACS, "guests" and "users".

For the "guest" group WLAN was defined one collective account, lets name it "saga" with its correspondent password. And also are several individual user accounts defined for both users groups.

The Web authentication problem is with the collective guests account "saga", and is a problem that show up in a random fashion.

Problem description:

A guest wireless client is associated to the guest WLAN. In the screen appear the Web login page. The user has been assigned the collective guest account, so he/her type in the username "saga" and the correspondent password. Click on the submit button, and there's no access to the network. The screen shows again the Web login page. This happen every time that the username and password is typed in.

And the same occurrs simultaneously also for any other client trying to authenticate using the same collective account.

Some time this behavior is broke changing something in the username, lets say "SAGA" or "Saga" instead of "saga".

While this problem was going, a debug aaa details enable command was performed on the WLC.

When the collective "saga" user account and password was entered and submited, nothing appears in the debug output on the WLC!!!!

Using the same web login page and using any other user account, the access to the network is achieved without any problem and also a normal debug output on the WLC

Some things, as delete and redefine the "saga" account has been tried, but that strange behavior still show up time to time

Any idea or suggestion is quite welcome!

Thanks in advance

Roger.

2 REPLIES
Cisco Employee

Re: WLC - ACS - Web Authentication Problem

Hi Roger,

Can you please attach complete "sh run" from WLC and also can you update when your user with saga username is not authenticated and you get the web auth page asking for password again what is the status of the client.

Is it something like WEB_AUTH required or DHCP_Required.

Ankur

New Member

Re: WLC - ACS - Web Authentication Problem

HI,

Did you ever find a solution for this problem? I'm having the same issue and can't seem to figure it out for the life of me.

Thanks,

Craig

164
Views
0
Helpful
2
Replies
CreatePlease to create content