Cisco :: 5500 Series - How To Disable HTTPS WebAuth On 7.0.x Code

Oct 1, 2012

I understand that Cisco have at long last provided a facility to separate HTTP web authentication from HTTPS WLC management on WLC code 7.2.x for the new 5500 series WLCs.
 
My question is does Cisco intend to provide the same much needed functionality on the 4400 series WLCs that are running 7.0.x code? I was looking through the release notes for v7.0.235.3 code and that did not seem to mention this functionality. I know we can get around the problem by purchasing an SSL certificate so that guest users with web authentication do not have to see the same security warning each time they log in but the idea to separate the HTTP web authentication from HTTPS WLC management seems so much simpler.

View 6 Replies


ADVERTISEMENT

Cisco :: WLC2006 - Need Custom Webauth Page Displayed With HTTP Instead Of HTTPS

Jan 31, 2007

I have a custom webauth page installed that I am using with web passthrough authentication on my WLC2006 in order to put up a acceptable use policy page. The WLC uses HTTPS to display this which causes a security certificate warning to appear if I go with the WLC's own self-signed certificate.  Is there a way I can get the WLC to use plain HTTP to display this page instead so I can eliminate the warning? I have already tried installing a trusted 3rd party certificate on the WLC, but I have this very strange problem where mucking with the WLC's web authentication certificate in any manner causes all network activity on the WLC to break except for CDP and ARP, essentially leaving the WLC dead.  Three weeks of troubleshooting with Cisco TAC has yielded no progress on that front so now I am trying to bypass the need for a security certificate altogether since I really don't need to encrypt my acceptable use policy page.

View 13 Replies View Related

Cisco Wireless :: Maximum Code Level For Lightweight 1130 / Minimum WLC Code For 1600 Series APs?

Feb 19, 2013

I have been searching through the cisco docs for a while and i just cant seem to find this info. Can I run aironet 1600's with my wism running 7.0.116? Also, could I run my 1130 series ap's with a wism2? Basically, what is the minimum code level for a lightweight 1600, and what is the maximum code level for a lightweight 1130?

View 3 Replies View Related

Cisco :: WebAuth Bundle Not Uploading 2100 Series

May 19, 2012

Recectly we replaced Cisco 2100 Series LAN controller to Cisco 5508 Wirless LAN controller , I downloaded WebAuth Bundle from my Old LAN Controller ,when i am trying to upload to my New Wireless LAN controller ,its not uploading and also it gave me uploading failure error message .

View 2 Replies View Related

Cisco Wireless :: WLC 5500 7.4 HTTPS Access On Service Ports Using HA AP SSO

Mar 5, 2013

I use the Service port connected to the managementVLAN to manage the WLCs. When configuring HA with AP SSO, I lost HTTPS connectivity to the WLC, telnet still works fine.I researched the deployment guide and it states:
 
- When AP SSO is enabled, there is no SNMP/GUI access on the service port for both the WLCs in the HA setup.Why is remote access disabled using GUI when using HA, and how can I keep management of my WLC using HTTPS and an address in the ManagementVLAN.

View 10 Replies View Related

Cisco :: 5508 - Disable HTTPS On Web-auth Passthrough

May 16, 2012

I have a guest wireless network setup on a 5508 WLC using 7.2.103.0 firmware. Under my guest WLAN>security>Layer3 tab I have "layer 3 security" as "none", "web policy" as check marked, "passthrough" selected, "over-ride global config" as check marked, "web auth type" as "customized(downloaded), "login page" and "login failure page" as "login.html" selected.
 
I haveI have 4402 WLC's using 7.0.116.0 firmware throughout my company that anchor back to the 5508 for the guest network. The 4402 WLC have the guest network configured as WLAN>security>Layer3 tab I have "layer 3 security" as "none", "web policy" as check marked, "passthrough" selected.
 
I would like to disable the HTTPS for the logon screen and I am not sure what steps need to be done for this. I researched and found the command "config network web-auth secureweb disable". I set the command on the 5508 only and rebooted. When I tested I got a blank webpage with "http://1.1.1.1/fs/customwebauth/login.html?switch_url=http://1.1.1.1/login.html" in the address bar and had no way of clicking the accept button to get to the Internet.
 
Everything works fine again if I enter "config network web-auth secureweb enable" and reboot. Do I need to run the "config network web-auth secureweb disable" command on all the 4402 WLC's that are anchored to the 5508? What could be breaking my login.html page while using only http?

View 3 Replies View Related

Cisco Wireless :: 3602e Access Point To Work With 5500 Controller With Code 7.0

Jun 15, 2012

i have cisco CAP 3602e series access point to work with 5500 series controller with code 7.0i did not find VCI option 60 for this type of APs to configure DHCP. How I can let these APs will join the controller, i mean through which process DNS discovery methode and what about if i need to configure option 60 and 43 in dhcp for ap joining process to controllers.

View 4 Replies View Related

Cisco VPN :: ASA 5500 Disable Endpoint Assessment For WebVPN

Aug 30, 2011

I want to use the endpoint assessment / prelogin policies to apply only for anyconnect. Are there any ways to configure this?
 
I do not want the Secure Desktop to popup during webvpn.

View 0 Replies View Related

Cisco VPN :: Licensing On ASA 5500 Series?

Nov 15, 2011

We have the ASA firewalls in our environment - two 5510's and one 5520.Our 5510's are currently used in our production environment and the 5520 is our firewall for pre-production and support personnel. My question is about the AnyConnect VPN licenses we have. Currently we have 100 seats for AnyConnect on our production ASA's, but we'd like to see if we can move half of these to the 5520 ASA?

View 1 Replies View Related

Cisco Firewall :: IPS Module Setup On 5500-X Series ASA

May 16, 2013

Since the 5500X series firewalls use a software IPS SSM that is set up differently from the old ones, I am a little confused on the initial setup.
 
[URL]
 
we see a proposed setup for L3 management of the IPS
 
interface GigabitEthernet0/0
nameif outside security-level 0
ip address 203.0.113.1 255.255.0.0

[Code].....

View 1 Replies View Related

Cisco Wireless :: AP Models Which Support 5500 Series?

May 25, 2012

are there any AP models which support 5500 series and dont support 4400 series. Actually we are looking to get some new AP with higher bandwidth and External Antenna How to differentiate between AP models with clean air feature supported and not

View 5 Replies View Related

Cisco Switching/Routing :: Error Log On 5500 Series?

Feb 3, 2012

:  %DATACORRUPTION-1-DATAINCONSISTENCY: unterminated string in buffer of  length 129, counted: 129 -Traceback= 4027CB2C 402B1E88 4052884C 40528A48  40528D08 40529188 40529358 403247E8 403247D4

Cisco Internetwork Operating System Software
IOS (tm) C5RSM Software (C5RSM-ISV-M), Version 12.2(46), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2007 by cisco Systems, Inc.
Compiled Thu 26-Apr-07 19:41 by pwade
Image text-base: 0x40010948, data-base: 0x410F41D0

[code]....

View 6 Replies View Related

Cisco Wireless :: AP Won't Join (LAP1242 And WLC 5500 Series)

Jul 23, 2012

The access point is reply when I ping it from WLC. But until know it can't join, even discovery packet isn't arrive in WLC.
 
WLC software version = 6.0.199.4
Management interface address = 192.168.120.10 /24
Model = 5508 
 
Access point software = 1240 Software (C1240-RCVK9W8-M), Version 12.4(21a)JA2, RELEASE SOFTWARE (fc1) AP Model = cisco AIR-LAP1242G-E-K9 Interface address = 192.168.121.151

View 19 Replies View Related

Cisco Firewall :: Will Content Security Be Offered On ASA 5500-X Series

Jan 20, 2013

Our requirement with that appliance is to do URL blocking and filtering.Are there any other options we can consider or is it SaaS only. Would have preferred Trend Micro, but don't this is possible with this appliance.Will content security be offered on the Cisco ASA 5500-X Series?At this time, content security services are not supported on the Cisco  ASA 5500-X Series appliances. However, the ASA 5500-X Series Cisco Cloud  Web Security ready. Cisco Cloud Web Security provides content security  as a cloud-based software as a service (SaaS).

View 1 Replies View Related

Cisco Wireless :: Register Ap Aironet 1200 To WLC 5500 Series?

Nov 20, 2012

I have this version Ap "c1200-rcvk9w8-tar.124-21a.JA2" and a WLC 5500. When i connect the ap to the network i can ping from ap to wlc and the wlc to ap,  but the proccess of lwapp messages give errors on the Ap when the Ap try to download the image from wlc and could not join the wlc. why this could be? this is the info of the wireless lan controller.

View 6 Replies View Related

Cisco Firewall :: License And Hardware Changing 5500 Series

Aug 8, 2011

I bought a 5500 series ASA and SecPlus license for example. Suddenly my ASA hardware got broken and changed for a new one. What about my old license? How i could activate this license on new ASA?

View 2 Replies View Related

Cisco Firewall :: How Many IPSec Tunnels An ASA 5500 Series Supports

Aug 4, 2012

I tried looking in ASA documentations but unable to find out that how many IPSec Tunnels can be terminated to an ASA cluster. I have 5545 running only two IPSec Tunnels so far but need to terminate 18 sites all up and would like to confirm how many tunnels we could terminate? Is there a limitaion to it?

View 2 Replies View Related

Cisco Switching/Routing :: Nexus 7K 6.1 Code And F2 Series Module - How To Enable Priority

Jul 7, 2012

I have a 7K running 6.1 code, on F series line cards. I  need to set it to prioritise DSCP EF marked traffic, that's all at this stage, but am  unclear on the configuration steps required. The packets will already be  marked, I just need to ensure they end up in a priority queue.

View 2 Replies View Related

Cisco Security :: 881 Series Router - How To Disable USB Port

Sep 11, 2011

How do I disable the USB port in the 881 router?
  
881router#show usb port
Port Number: 0
Status: Disabled
Connection State: Disconnected
Speed: Full
Power State: ON

View 3 Replies View Related

Cisco Wireless :: Client Type In 5500 Series WLAN Controller

Jul 5, 2011

The Release Notes for 7.0.116.0 of WLC 5500 has a table which title is "Client Type", and it shows wireless adapters. My question is,
what kind of customer means? Wireless clients or clients for an specific application? If it was the first option, does it mean tha just this adapters could connect to my wireless network?

View 1 Replies View Related

Cisco Switching/Routing :: Layer 3 Module Required For 5500 Series Switch?

May 16, 2013

We are working with a contractor to upgrade our network, and I heard from them that the 5596/5548 might not need the Layer 3 module for our inter-VLAN routhing.  They have yet to give me an answer.
 
We do have a few static routes on our current layer-3, core switch too. 

View 3 Replies View Related

Cisco Wireless :: Disable AP Mode Multicast In 1231 Series Access Point

Jan 23, 2013

I have one controller 2504 and some 1200 series access points.I am using 3 SSID .I want to use two ssid in HREAP mode but HREAP mode is not showinh in access point because multicast is enabled on AP mode. see the below picture

I have disabled the multicast globally from CLI. config network multicast global disabled
 
disabling the multicast so that i can set the access point in HREAP mode.

View 3 Replies View Related

Cisco :: WLC 5508 - WebAuth Bundle Tar Error 256?

Nov 8, 2010

I have a new fresh 5508 release 7.0.98.0 When I try to download (I mean upload to the controller) a customized Webauth bundle in .tar format I have the following message error in the syslog :*TransferTask: Oct 29 12:56:08.894: %UPDATE-3-UNTAR_CMD_FAIL: updcode.c:2832 Error during untar of webauth bundle. Tar returned 256.

View 17 Replies View Related

Cisco :: 5508S Guest WLAN To Anchor With Webauth

Jul 18, 2012

I have 2 5508s (foreign and anchor both running 7.2.110.0) with an open WLAN configured via mobility anchors. This configuration works and has no problems. My next task is to incorporate a webauth page (accept/reject) to present the clients with AUP information, etc.  On the foreign controller I created a test WLAN (open) and setup webauth Passthrough using the Cisco webauthbundle (wap.html), this works as intended, no issues. However I am at a loss as to how to incorporate the webauth Passthrough functionality on the WLAN that is configured for the mobility anchor.

View 2 Replies View Related

Cisco Wireless :: Putting A Certificate On 5508 WLC For Webauth?

Feb 12, 2013

I am using webauth and need to install a SSL cert to prevent the "There is a problem with this website's security certificate" message. I have a Wildcard cert that was issued by Network Solutions that I use on a couple web servers I run, and want to know if I can use that for the WLC? It's a pks cert and I think the WLC needs to use a pem cert, so I converted the wildcard to pem. Or do I need to purchase a cert that is not a wildcard and is in pem format?

View 7 Replies View Related

Cisco :: 5508 - Webauth Bundle Upload Fails

Jul 26, 2011

I have in the past downloaded the webauth bundle to a wlc 5508 running 7.0.98 successfully. I am trying to upload a new bundle after modifying the AUP but I get an error after the  download to the wlc.
 
The error with FTP or TFTP is
% Error: Webauth Bundle file transfer failed - Unknown error - refer to log
 
I've tried to copy the unmodified bundle from the zip and get the same error so I don't think it's the login.tar file.

View 3 Replies View Related

Cisco Wireless :: WebAuth Bundle In 2106 AP Controller?

May 18, 2012

I would like to get webauth bundle sample to create custom page for our AP controllers but I'm unable to find the sample .tar within the WCS itself.Some other WCS manuals has references in them that says there should be link to download sample from WCS but clearly 2106 hasn't got one.There's one in download section "webauth bundle 1.0.2.zip" but this is for registered partners and costumers, we are not registered as partners and cannot download the sample ourselves.

View 2 Replies View Related

Cisco :: WLC 5508 - Error Extracting Webauth Files?

Apr 9, 2013

i am getting an error during the Upload of Login page for WLC 5508 customized.After the upload is completed i receveid the error "Error extracting webauth files."I tried to create the file *.tar with different program (winrar, 7zip, gnu tar, etc)

View 3 Replies View Related

Cisco :: WLC 4402 - Chained Webauth Certificate Installation Fails

Nov 9, 2011

I'm trying to install a webauth certificate -- it works fine when unchained, however once I add the additional information the installation fails.  I am using the same root and intermediate certificate information as last year, and it worked fine then.  I can recreate last year's pem file with the chained information and it installs fine, so it's only when I include the new device certificate information that it fails. The certificate installs fine when it's not chained, I'm not receiving any openssl errors, and I'm not using openssl 1.0. 

View 1 Replies View Related

Cisco Wireless :: Webauth Doesn't Work After Controller Update 7.2.115.1

May 5, 2013

i've upgraded our WLC 5508 from 7.0.220 to 7.2.115.1.For our guest WLAN we use web authentication with customized startpage, no login error page and no logout page. The customized login page is displayed correctly. After successful authentication the browser is forwarded to the default CISCO login page "login.html". No further autentication is possible, also no internet access.Reload the customized webauth bundle to the controller didn't change anything. Is there a change in the HTML/Java code of this controller version? I didn't find any hint in the release notes. Or do I need the newer web authentication bundle with version 1.0.2?

View 6 Replies View Related

Cisco :: 5508 Wireless Controller Reload After Disabling WebAuth SecureWeb

May 21, 2013

We have disabled the WebAuth SecureWeb on our 5508 WLCs so Guest users can access the guest splash page without the certifiacate error.  The controllers are currently running 7.3.112.0. Everything works fine with the WebAuth SecureWeb enabled, but once we disable the guest users are not redirecting to the splash page anymore. I remember having to reload the controller in the past to disable HTTPS completely, but is this still the case?  I don't see any documentation supporting the need to reload.

View 2 Replies View Related

Cisco AAA / Identity / Nac :: Webauth Url Redirection Fail With Firewall Between Host And Switch

Feb 27, 2013

Web auth redirect URL gets dropped if stateful firewall is between webauth host and switch management interface.  Aaron at Cisco live london kinda hinted about maybe Cisco working on this ?  We can't disable stateful inspection. Is there any other solutions or workarounds ?
 
"Although this approach introduces additional hops in the return path from the switch to the host, it produces negligible load on the default router and intervening infrastructure since only the WebAuth traffic from the switch to the host follows this path. In campus designs that do not use SVIs on the data VLAN,6 a default route is typically already configured. In this case, no additional configuration is required to support WebAuth.

However, problems may arise in the case in which traffic to the default router is bridged through a stateful firewall. The original SYN packet in the TCP handshake is consumed by the access switch, so the first packet that the firewall sees is the SYN-ACK packet from the access switch. Stateful firewalls typically drop SYN-ACK packets if they have not seen the original SYN packet.In this case, you will need to turn off stateful inspection for ports 80 and 443 on the firewall."

View 1 Replies View Related

Cisco Wireless :: 5508 - WLC 7.2 - Custom WebAuth Using Waep Template With HTTP Only

Apr 12, 2012

We are trying to get the waep template (default no changes) from the Cisco WebAuth bundle to work on a 5508 controller.
 
We've setup the controller to use the custom login.tar that comes with the waep template folder in the bundle. We setup the WLAN to work off the global template and we used the config network web-auth secureweb disable command to allow only http rather than https (which is supposed to work in 7.2 code)
 
When we test with the custom bundle, we get no answer from the controller, just a url of [URL]
 
If we turn custom off, and use internal everything works...
 
Just to be clear.. we aren't looking for authentication (user and pass) we are trying to do the enter your email and click accept to the aup method.

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved