Cisco :: Authenticated Guest Access Of Apple Devices WLC4400

Apr 26, 2011

On my wireless network, I am running guest access that I want to have as authenticated. If I enable WLAN, security, layer 3 web policy, when an iPAD / iPhone connects, they get directed to the Web Auth splash page, on where they must enter username & password. My users do not want to be directed to this page everytime they login - just select the SSID and connect - is there a way of authenticating guests via a WLC4400 without going through the splash page everytime?

View 6 Replies


ADVERTISEMENT

Cisco Wireless :: 5508 - Apple Devices Timing Out From Guest Network With Captive Portal

Jan 29, 2013

I am setting up a new Guest network with a captive portal and it seems to all work fine except when Apple devices go to sleep. When they come back on it isn't just a case of logging in again as it just indicates to the client that it is still connected and won't present the login page again. The Controller will show the client as auth required. So far the quickest way has been for me to delete the network on iPads and re-enter my settings or create a new profile on a Macbook and join again. I have also had some success when doing a manual DHCP refresh on my Macbook which sometimes seems to kick the Controller into action so it presents the login page to the client again. Whether it is related to the timers on the Controller (5508 running code 7.0.235.3) or - as I just read in another post by Leo - the 20 minute timeout that all Apple devices have built in to conserve battery life

View 3 Replies View Related

Cisco Wireless :: 7.0.220 / Apple Clients Authenticated But Show No Username In WLC

Aug 1, 2012

Running 7.0.220. There are several 'unknown' users every day reported in WCS. Investigating the connections on the WLC I find the clients are in a run state and passing traffic but there is no username listed on the client detail. (hence the unknown on WCS)
 
(mcm-189jsoc-wlc1) >show client detail 60:c5:47:07:b6:5a
Client MAC Address............................... 60:c5:47:07:b6:5a
Client Username ................................. N/A
AP MAC Address................................... 00:1e:13:42:16:a0
AP Name.......................................... mcm-208dorm-wap1

[code].....
 
Clients in this state are usually Apple products. From initial investigation it looks like the do authenticate with the ACS. r debugs to run, or fixes on the WLC? Perhaps there's a bug on this behavior?

View 11 Replies View Related

Cisco Wireless :: 877w - Apple Devices Not Able To See Wired Apple TV

May 15, 2013

how to setup the wireless interface to forward multicast packets?  Basically I cant get the ipads etc.. to see the AppleTV to control it.  I connected an AP and it works fine so its got to be something with the way the router handles the packets from teh integrated wireless interface.  I've been searching the forum for about 1hr and haven't founf anything other than a breif mention of broadcast forwarding and multicast setup.

View 1 Replies View Related

Cisco AAA/Identity/Nac :: ACS 1120 - How Many Devices (MAB) Can Be Authenticated

Jan 23, 2012

I´m currently looking for a document that specify how many MAC addresses can be stored and authenticated via an ACS (1120)? I prefer to use the internal identity store over AD or LDAP for MAB authentication for 802.1X project. I would like to know what is the impact on the ACS? CPU/MEM? What is the impact on the user authentication? delay, timeout, etc.

View 7 Replies View Related

Cisco Wireless :: 5508 - Apple IOS Devices

Jun 14, 2012

I'm seeing a problem with Apple IOS devices connecting from one SSID and then connecting immediately to another. I've tried to replicate this fault with non Apple IOS devices, but I'm unable. 

Environment:
Single 5508 WLC running 7.2.110.0 AIR-LAP1142N-A-K9 AP's
 
WLC is in clients head office, MPLS to their branch sites. AP's are in Flex Connect mode, with AP and Flex Connect groups for the AP's at the branch. 3 x SSIDs; Corporate (802.1X), Guest (Web-Auth) & Non-Corp (PSK).
 
Scenario:
Client is connected to the Corporate SSID with his iPad (new model, running iOS 5.1.1). No problem with access, he is able to roam throughout the building with good SNR/RSSI. He wants to test the other SSID's, he attempts to connect directly to the Guest or Non-Corp and gets an error message on the client saying 'Unable to Connect' or 'Unable to Join'. Debugs on the WLC for the client shows no connection attempt, no errors. I can see the client disconnect from the Corporate SSID, but nothing for the Guest or Non-Corp SSID.
 
If the client then disconnects and forgets the Corporate SSID from the wireless profiles on their i Pad, waits 20-30 seconds (I can see the client disconnect cleanly from the WLC) and then attempts to connect to the Guest or Non-Corp SSID's - he doesn't have a problem. He immediately associates, and is able to connect. If he then tries to connect directly to another SSID, while still associated to another from the same WLC/AP – he gets the error again. Forget/wait 20-30 seconds, attempt to connect – no problem. We've tested with several i Phones (4 & 4S), i Pads (2 & new model) - all running the same Apple IOS (5.1.1).
 
I unfortunately can't do much troubleshooting with TAC on this as the client is no longer onsite, and I don't have a 5508 in our lab that I can currently test with. I've tried playing with beacon intervals, etc to no avail.

View 3 Replies View Related

Cisco :: 4400 / Apple Devices Not Releasing IP Addresses?

Oct 10, 2011

We have a Cisco 4400 controller and a mix of 1010 and 1131 access points.
 
We have been running out of IP's on our DHCP server because the apple devices are not releasing there IP's.

View 1 Replies View Related

Cisco Wireless :: WLC 2504 / Apple Devices Dropping Off Wi-Fi Network?

Jul 25, 2012

I have recently deployed a wireless network using a WLC 2504 with 21 Light APs. All seems fine except that Apple Devices drop their connections every 15 minutes or so. A couple of minutes later they can reconnect but obviously something is wrong.

View 2 Replies View Related

Cisco Wireless :: 4402 Wlc / Apple Devices Several Retries To Connect SSID?

Jun 11, 2012

In the company we have two SSIDs for corporate and guest networks respectively when I try to connect to any of the SSIDs it doesn't happen until 5 retries. The only log I get that seems to be related to it is the following:
 
*Jun 11 11:48:09.062: %APF-1-DISCONECT_MOBILE_DUE_TO_WLAN_SW: apf_policy.c:541 Disconnecting mobile 00:23:32:73:d7:15 due to switch of WLANs from 1(femsawl) to 2(visitas)
 
Here it shows a switch between SSIDs but if you just turned on an apple device and try to associate for the first time to any of the SSIDs the scenario is the same, several tries to connect.I am running a 4402 wlc with 6.0.202.0 software version.

View 4 Replies View Related

Cisco Wireless :: 1200AP - Apple Devices Choosing Wrong Encryption

Apr 14, 2013

I have two Cisco 1200AP.
 
I have it configured with two SSIDs, one corporate (802.1x) one using WPA2 Personal.
 
I have no issues on the corporate, but I have found that Apple devices appear to detect it as a WPA2 Enterprise, and request a username and password.
 
If I enter the network manualy as WPA2Personal the devices joins the network ok. Then ocasionaly the device looses its link to the network and fails to pass traffic.
  
Building configuration...
Current configuration : 5134 bytes
!
version 12.2
no service pad

[Code]....

View 4 Replies View Related

Cisco Wireless :: 1140 - Apple Devices Asking For Password On Open Networks

Jan 27, 2013

we are running 1140's and 1130's in autonymous mode and seeing a TON of requests for passwords on IOS devices where we have an open network.
 
This typically happens when we things are busy in the space.
 
All other non IOS devices do connect, and most IOS devices connect after a considerable amount of time.

View 5 Replies View Related

Linksys Wireless Router :: WRT120n - Intermittent Connection For Apple Devices

Dec 3, 2011

I recently upgraded my Linksys wrt120n router firmware & had to reconfigure settings.  Subsequently, some (but not all) of my apple devices are having intermittent wireless connection problems.  Specifically, my ipad1 & ipad2 never lose their connection but a mac book pro (~ 2 years old), iPhone 3g, iPhone 4, older iPod touch & very old i book g4 all work for a period of time (usually 1/2 day) & then lose their connection.  When I attempt to reconnect these devices I receive the following error..."unable to join the network xxxxxx....".  I also have a Dell laptop (1 1/2 yrs old) that generally does not have the connection problem.  Finally, when the devices do lose their network connection all I have to do to reconnect is go to the Linkys router setup webpage & click on save & the wireless connection works again (almost like this is just refreshing the connection for these specific apple devices).  I was not having any problem prior to the firmware upgrade & from what I have read the older firmware version is no longer available so going back to the old firmware does not appear to be an option. 

View 1 Replies View Related

Cisco Wireless :: 5508WLC Whitelist For Guest Access And Securing Guest-access?

Aug 18, 2011

Is it possible to allow certain websites to bypass the web authentication pages, so that they do not need to authenticate to get to our own website, but do have to if they wish to go anywhere else?Looking at a 5508 model at the moment

View 4 Replies View Related

Cisco :: AIR-LAP1131AG - Limited Access When Authenticated

Oct 8, 2011

At one of our locations we are experiencing some problems getting connected to our wireless networks.
 
It is possible to sit right next to an AP (AIR-LAP1131AG) and only have limited access to the network.
 
I have attached a snapshot from inSSID from the wireless networks in the area. All of them are broadcasted by our controller and I can´t figure out how it is possible to see SSIDs in other channels than the ones in the 2.4GHz band (11-14)?

View 1 Replies View Related

Cisco Firewall :: 5525 Authenticated User Access

Oct 31, 2012

We've just replaced our Fortinet Firewalls with 5525's but are struggling to get a feature working that worked great on the Fortinet firewall.All our users use a proxy for internet access that's configured in IE but from time to time some users need to remove this proxy and go directly out to the internet, with the Fortinet devices we created a rule right at the bottom of the inside access out rule that had it authenticate users via TACACS which worked a treat and could be used from PC or laptop. We want to do a similar thing on the 5525 and I thought the Authenticated user would give me this access but I don't seem to be able to get it to work. I've got the AD side of it working fine the ASA can pull user and groups from AD but I'm struggling to get this working for a user.

View 3 Replies View Related

Cisco Wireless :: WLC 5508 To Use Apple Bonjour Service For Apple TV And IPads

Oct 22, 2012

A customer of ours has the following access points and wireless lan controllers on site.  They want to use the Apple Bonjour service with Apple TV's and iPads.  I have enabled multicast feature of the 5508 globally and one the SSID.The Apple TV has an ethernet connection and the iPads connect over the wifi.  The Apple tv is on the same subnet as the iPad's - the Bonjour features do work for approx 5/10 minutes then it stops working for some reason. The Access Points plug into a Cisco 2960 Layer 2 switch, the 5508 controllers plug are in LAG mode and plug into a Nortel Layer 3 stack which I have enabled IGMP snooping.I've read that the Apple Bonjour service isnt designed to work on a multi subnet network - but both the Apple TV and iPad are connected on the same subnet.  Sounds like some kind of timeout but not too sure.

View 5 Replies View Related

Cisco :: WLC4400 Http No Response

May 26, 2012

My WLC 4400 have run the os 4.2.207.54, my ap type is AP1020.And client user authentication by web-auth.Sometimes my user complain cannot login web authentication, because he connot open the web login page.And I try to monitor the WLC by SNMP, I see the http no response.

View 1 Replies View Related

Cisco Wireless :: WLC4400 - Switching From One SSID To Another?

Mar 8, 2010

on my wlc4400 when i want to move from one SSID (PEAP for eg) to another (Guest Open for eg) i have to : - disconnect from the 1st SSID (no trouble at this stage)- try to connect to the 2nd SSID ... cancel it (or wait for a long time it will stop)- try to connect another time to the 2nd SSID .. and now it works We are using windows client. The trouble is the same with all the cients.
 
I'm setting up a new 5500 (Software Version 6.0.188.0 ) and i have a similar trouble (but more important I want to move from the entreprise SSID (PEAP)  to Guest (Open) I have to : -

Disconnect from the entreprise SSID (no trouble at this stage)- try to connect to the Guest SSID ... cancel it (or wait for a long time it will stop)- try to connect to the Guest SSID ... -> DHCP assignement waiting ... and fail- try to connect to the Guest SSID .. and now it works

I want to move from Guest (Open) to the entreprise SSID (PEAP)  i have to : -

Disconnect from Guest SSID (no trouble at this stage)- try to connect to the entreprise SSID ... cancel it (or wait for a long time it will stop)- try to connect to the entreprise SSID ... -> Sometimes it works ... sometimes the client display "not connected" very quickly- try to connect to the entreprise SSID .. and now it works?

View 4 Replies View Related

Cisco Wireless :: WLC4400 Obtaining IP Addresses

Feb 6, 2012

I have had our WLC4400 in place for around five years.  No configuration changes have been made to it or the 32 LWAPPs connecting to it.  We have begun to have some spotty issues with client devices.  The error message says they are unable to obtain an IP address.  After they wait a few minutes, they connect.  We have plenty of DHCP addresses available.  We have 25 locations with at least one AP and the problem seems to be system wide.  One person can connect and the person beside them cannot.  Many say they have been connecting to our library wireless for a long time with no problems. 

View 17 Replies View Related

Cisco VPN :: WAP321 Guest Network Will Not Supply IP To Wireless Devices

May 25, 2013

Have a WAP321 connected to a Cisco SG200-08P then connected to a Cisco 2901.  The main wireless on vLAN 1 works fine.  However, the Guest on vLAN 4 (Choose vLAN 4 as per the included docs so guests will be unable to see the production network) will not give an IP to any wireless device.  Looking for documentation on getting the Guest radio working.  The included documention for these 3 devices do not address how to get the Guest radio to work.Does vLAN 4 need setup on the 2901? Have just 1 internal port on the 2901.

View 14 Replies View Related

Cisco Wireless :: 5508 - Apple OS 6 Not Working On Open Access Network

Sep 24, 2012

I am beginning to get many emails from users who have recently upgraded to OS6 and saying now they cannot connect to our open access wireless network. We use a separate server that users must agree to a user agreement page and they say they get it, but after agreeing, it goes blank and they cannot connect. I am using mostly Cisco 3502's with the 5508 controller using 7.0.112.0 IOS version. Nobody in our IT department has yet to test OS6 yet.

View 9 Replies View Related

Belkin Routers :: F5D8236-4 V2 - Apple TV Overrides Internet Access

Dec 2, 2012

When using router to feed signal to Apple TV the PC connected to the router loses signal. Using belkin router model F5D8236-4 v2

View 1 Replies View Related

Cisco Wireless :: 2960 - Autonomous Access Point / Get Guest To Access Internet?

May 9, 2012

I have two SSIDs on an Autonomous Access Point, that goes to a 2960 switch, that connects to a L3 3560. I have a vlan for admin/private internal access that uses the native vlan (1) and guest vlan (50). I have configured both and I am trying to get both to go out the same Internet connection.

I cannot get the guest access to access the Internet. It looks like my computer will go, but it just comes up saying no Internet access.All interfaces are trunking this vlan properly. I can communicate from the laptop to the 3560 but I just can't get to the Internet.          

View 10 Replies View Related

Belkin Routers :: N750 - Access Point Support Of Guest Access

Jan 9, 2013

Does the N750 (F9K1103V1) support Guest Access while in Access Point mode? It will not provide an IP address when a guest attempts to connect.

View 20 Replies View Related

Belkin Routers :: F9K1102 V1 Guest Access While In Access Point Mode

Jan 17, 2013

I have an n600 ( F9K1102 v1 , firmware 1.00.09 ). My ISP provides my main router for my network, but I want to use the N600 as an access point, I have activated the "Use as Access Point" feature.Is it possible to still utilize the Guest Access feature in this case?

View 1 Replies View Related

Linksys Access Point :: Access Guest Account Through WAP54G?

Jun 9, 2011

My network is such that I want to extend the signal of the GUEST account.  I have a WAP54G set up for that purpose and am getting a very strong signal.  I can access the main network, but not the Guest, I cannot even see the GUEST access. Any setting change that needs to be made that will allow me to access the GUEST account from the Access Point?

View 2 Replies View Related

Guest Internet Access - Multiple Access Points?

Dec 13, 2012

Here is my setup:

Netgear WNDR3700 - Main router, DHCP turned on
4x Netgear WNR2000 - Setup as Access Points (DHCP turned off), connected to main router via LAN ports

I only want the guest network to have internet access. I have the guest network enabled on the router and access points with the option to "Allow Guest network to access main network" disabled. My problem is that since the access points aren't hooked directly to my modem via the WAN port, the guest network broadcasted from the access points does not have internet access.I have read up on setting up a separate subnet for the guest network using DD-WRT but was curious if there was a way to get the desired result with the stock Netgear firmware.

View 9 Replies View Related

Cisco AAA/Identity/Nac :: ACS 4.0 Not Getting Authenticated With 2008 AD Server

Nov 8, 2011

I have a cisco ACS 4.0 build 27  on windows 2003 server . My site was working fine when i was having a AD on 2003 server . Recently i have migrated my AD servers is 2008 .
 
After the migration the ACS is not authenticating the users . Now i have made a server with 2003 and made the site working . I need a solution to make it work using 2008 server is there any compatiblity issue  between ACS 4.0 and  2008 server .

View 1 Replies View Related

Cisco :: SNMP Web Authenticated Users Wlc 5508?

Apr 4, 2013

I am using web authentication with my Wlc 5508 and I would like to check all users currently connected (ip, login used, MAC address, ...) with SNMP.
 
I am using an external web server and my client are authenticated with ldap.
 
I know I can receive these information with traps, but I would like to create a short program which will check all users when I click on a button.

View 2 Replies View Related

Cisco :: Clients That Are Not Authenticated Taking IP Addresses - WLC 5508

Feb 21, 2012

I work on a college campus that has thousands of students a day accessing our wireless network.  We have broadcast SSID that the students use to connect to the internet.  The students usually have more than one WiFi enable device on them and their laptops and phones both take an IP address, but they are only using the laptop to authenticate while the phone is associted, but not authenticated.  In the meantime, I have several thousand IPs being used by their phones/iPods etc.  Is there a way to revoke the DHCP lease if the client does not authenticate within a specified time frame (i.e. 10 minutes)?

View 3 Replies View Related

Cisco AAA/Identity/Nac :: WS-C4510R+E - Wired 802.1X With ISE / Some Computers Cannot Be Authenticated

Aug 28, 2012

We have a customer which is using ISE with 802.1X in order to authenticate computers. All the computers have their own certificate and most of them can be authenticated fine! The issue is that some computers cannot be authenticated.The port configuration the authenticator (Cisco WS-C4510R+E IOS 151-1) are configured exactly the same: [code]
 
But for some reason some PC cannot be authenticated. A wireshark capture on the computer not working shows that the computer receives a EAP Request Identity and also send a Response Identity to the switch but then nothing happens more: So the process is stucked in the EAP-Response/identity. I attach a debug capture on the switch for one of the computer which cannot be authenticated.

View 4 Replies View Related

Cisco AAA/Identity/Nac :: 5520 VPN Users Are Authenticated Against MS-AD Through LDAP

Sep 1, 2011

I have 2 ASA 5520 (v. 8.21) in a active/standby fail over configuration.
 
VPN users are autenticated against the MS-AD through LDAP. For the most part this works well. Occasionally I'm having problems with new users in the AD. If I run a test I keep getting "User was not found". This can happen days after the account was created still. In some cases it never seems to work. The accounts I create exists on the same OU level as all the other accounts that are working.

View 2 Replies View Related

How To Set Up A Guest Access

Dec 12, 2012

how can i set up a guest access?

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved