You have to plan for that. The reason being is that webauth is a layer 3 authentication method, this requires the client to have a valid ip address prior to web authentication. Unlike wpa/wpa2/WEP/802.1x, these encryption is layer 2 and happens prior to the client obtaining a dhcp address.
You need to increase the subnet size and maybe reduce the dhcp lease time.
Welcome to the world of Guest Wireless where your DHCP pools will deplete faster than your wallet when your wife goes shopping!
Scott is on target. In order to get that pretty web screen, you need to have a ip address to deliver it to your client.
- Make bigger scopes
- Shorten Lease Times
- Or, dont broadcast your SSID
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
I agree with Scott and George about the suggestions. I am having same issue here and I am stuck because DHCP guys refusing to reduce the lease time (now it is 4 hours). But I never came to 100% utilization. always reports come 90+ % but never 100%.
I however disagree with George about the depletion point. I still believe that wives deplete wallets faster.
Rating useful replies is more useful than saying "Thank you"
The default value is disabled. This command is applicable when you configure the internal DHCP scope on the controller. By default, when the web authentication timer expires for a guest user, the user can immediately reassociate to the same IP address before another guest user can acquire it. If there are many guest users or limited IP addresses in the DHCP pool, some guest users might not be able to acquire an IP address.
When you enable this feature on the guest WLAN, the guest user's IP address is released when the web authentication policy timer expires and the guest user is excluded from acquiring an IP address for 3 minutes. The IP address is available for another guest user to use. After 3 minutes, the excluded guest user can reassociate and acquire an IP address, if available.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...