I hope some one can help me with my issue here, i'm excited I've gotten this far in our migration with LWAPP as a whole. I've been successful in setting upa customized authentication webpage on the WLC, NOT an external web site. In this site I've embedded the Login/Submit button to login as the user Guest (I'll explain later as to why). In testing this, I hadn't setup a user yet but wanted to see if the button would perform..it did great. Later, in the process of creating our Help Desk a helpdesk lobby admin user, I noticed in the ACS Failed Attempts log that the user guest had failed. Obviously it would fail as it hadn't been set up, but I didn't know (had hoped) that the guest user accounts could be passed to the ACS! One problem.... Excited about this (again, I'll explain later) I created a basic user of guest and the password that is set for him in the html file and tested it, failed login - CS Password Invalid. I can create the same user on the WLC for web authentication and it works. What could be stopping it and giving an invalid password error? I of course checked the password multiple times, it's simply guest as well. I've made sure all the settings on ACS are correct and that a user of guest and a password of guest would be allowed by the Local Password Management. Also, the radius servers are set up on the WLC and I have it selected for Network User. Any ideas? Of course, again if I create the user locally on the WLC it works great.
Now, the reason I would like the user Guest on the acs is I would like to be able to pass some radius attributes such as idle-timeout and session-timeout for this user, but have the user be able to login a multiple of times (different visitors). Also, the reasoning behind embedding the usernet in the submit button is because the next step is to have a seperate login/password area for visiting Vendors. This will allow them access to different things versus's just plain jane internet service. So, I suppose the question is can the WLC even accept radius attributes correctly? Has anyone ever used a max-upload max-download attribute on the ACS for bandwidth limitation? Lots of questions, hope some one has a clue.
Re: WLC Guest Internet Service / ACS Authentication
I went ahead and recopied the shared-secret from ACS to the WLC and it seems to work now. Not sure why ACS reports it as CS Password Invalid instead of invalid shared-secret. So does anyknow if the WLC will accept radius attributes or aironet radius attributes?
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...