Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

How to customize the Web Authentication Login on the WLC

Core Issue

This discusses the customization of the Web Authentication Login window on a Wireless LAN Controller (WLC).


This problem is documented in Cisco bug ID CSCse34063.

This is important information to know about web authentication:

Web authentication is a Layer 3 security feature that causes the controller to not allow IP traffic, except DHCP-related packets, from a particular client until that client has correctly supplied a valid username and password.

Note: Web authentication only works through HTTP rather than Secure HTTP (HTTPS).

Before web pages are customized, complete these steps:

  1. Make sure the PC obtains an IP address without web authentication configured, for example a Service Set Identifier (SSID) with no authentication. Also, make sure it can ping the default gateway, knows the location of the Domain Name System (DNS) server, and can resolve the name with the nslookup command.
  2. Define a user in the WLC under Security > Local net users. Under the wireless LAN (WLAN), set Layer 2 security to none, Layer 3 security to none, and enable web policy authentication. This redirects the user from step one to the virtual IP address of the WLC. Make sure the virtual address is unique and non-routable in the network.
  3. Once step two works, other things can be tested.

Note: In order to customize web pages, the WLC must run 4.0.X.

Refer to the Choosing the Web Authentication Login Window section of Managing User Accounts for more information about web page customization.

Refer to these documents for related information:

Problem Type

Configure / Configuration issues


Wireless LAN Controllers