i am getting an error during the Upload of Login page for WLC 5508 customized.After the upload is completed i receveid the error "Error extracting webauth files."I tried to create the file *.tar with different program (winrar, 7zip, gnu tar, etc)
View 3 Replies
I have a new fresh 5508 release 7.0.98.0 When I try to download (I mean upload to the controller) a customized Webauth bundle in .tar format I have the following message error in the syslog :*TransferTask: Oct 29 12:56:08.894: %UPDATE-3-UNTAR_CMD_FAIL: updcode.c:2832 Error during untar of webauth bundle. Tar returned 256.
View 17 Replies View RelatedI am using webauth and need to install a SSL cert to prevent the "There is a problem with this website's security certificate" message. I have a Wildcard cert that was issued by Network Solutions that I use on a couple web servers I run, and want to know if I can use that for the WLC? It's a pks cert and I think the WLC needs to use a pem cert, so I converted the wildcard to pem. Or do I need to purchase a cert that is not a wildcard and is in pem format?
View 7 Replies View RelatedI have in the past downloaded the webauth bundle to a wlc 5508 running 7.0.98 successfully. I am trying to upload a new bundle after modifying the AUP but I get an error after the download to the wlc.
The error with FTP or TFTP is
% Error: Webauth Bundle file transfer failed - Unknown error - refer to log
I've tried to copy the unmodified bundle from the zip and get the same error so I don't think it's the login.tar file.
We have disabled the WebAuth SecureWeb on our 5508 WLCs so Guest users can access the guest splash page without the certifiacate error. The controllers are currently running 7.3.112.0. Everything works fine with the WebAuth SecureWeb enabled, but once we disable the guest users are not redirecting to the splash page anymore. I remember having to reload the controller in the past to disable HTTPS completely, but is this still the case? I don't see any documentation supporting the need to reload.
View 2 Replies View RelatedWe are trying to get the waep template (default no changes) from the Cisco WebAuth bundle to work on a 5508 controller.
We've setup the controller to use the custom login.tar that comes with the waep template folder in the bundle. We setup the WLAN to work off the global template and we used the config network web-auth secureweb disable command to allow only http rather than https (which is supposed to work in 7.2 code)
When we test with the custom bundle, we get no answer from the controller, just a url of [URL]
If we turn custom off, and use internal everything works...
Just to be clear.. we aren't looking for authentication (user and pass) we are trying to do the enter your email and click accept to the aup method.
Every file I download seems to be corrupt, although, files I download from another computer and put on a flash drive and install them from the flash drive work no problems at all. I'm putting this here because this might be relevant to the problem, my AMD display driver crashes every once and a while for no particular reason and WhoCrashed points to atikmdag.sys being the problem (I believe I may have fixed the BSOD through a guide) but nevertheless I would like to find out what is causing this. I've been testing things for three days now, different PSU, same, RAM tests came back okay, CHKDSK came back okay as well as wiping my hard drive and re installing windows, fresh download of all the drivers, latest display drivers, no viruses, and done everything on the "Why do I get the NSIS error list"
View 4 Replies View RelatedI made a reservation then cancelled it online, but Sheraton Dallas Hotel charged my MC for one night for "No show ". Because they did not send me e-mail confirmation for both reservation and cancellation, I have no way to prove my cancellation. In e-mail they said:
"At the time you booked your reservation online you did not have your email address noted"
I have been traveling for the past 10 years and reserved Hotels online, and I never forgot to give my e-mail address not even once, so how could they said that I forgot this time ? I believe in keeping expenses low, if I don't give my e-mail address, I may end up paying expensive long distance call to communicate, as many hotels have no toll free numbers for dispute solving, so it's impossible that I forgot to gave my e-mail address! Unless someone manually erased my e-mail address for unknown reason. This I see as indication that a computer system error existed at that time What do you advice me to do to solve this problem ? Maybe computer system record ? In that case what particular system file I should ask them to mailed to me. Is there any way I can spot if there was any tampering? Like erased my e-mail entry, erased cancellation request?
I am trying to apply WLAN template from NCS to two WLCs 5508 and I receive this message."Another WLAN with same SSID and either WPA1/ WPA2/ WPA1+WPA2 is enabled. Please change the Layer 2 security policy."The template has layer 2 security with WPA+WPA2 enable and 802.1x.I have other WLAN template with other name and other SSID with the same security policies with no problem to apply.
View 2 Replies View RelatedGetting a lot of the following errors on our 5508 form the same subnet: 10.20.0.1 255.255.248.0 . I tried researching and not getting much.
broffu_SocketReceive: Jul 17 10:11:10.068: %DATAPLANE-3-DP_MSG: broffu_fp_dapi_cmd.c:2891 FP0.09:(7089389)[cmdAddIpv4:2921]failed to find ipv4 10.20.6.58
[code]....
I am tryign to join my first AP to the 5508 and am gettign this error int he logs.
*Dec 07 10:42:31.067: %DTL-3-NPUARP_ADD_FAILED: dtl_arp.c:2280 Unable to add an ARP entry for 0:0.0.0 to the network processor. entry does not exist
The management Interface is on the the same vlan as the AP , both untagged ports. the AP gets an ip address from my dhcp server.
I installed NGS 2.0.2 for wireless guest user management and authentication. I implement webauth via webauth page on wlc deployed.One Branch with a WLC5508 version 7.0 wireless anchor controller is working on the NGS.But now I integrate next branch with WLC4402 version 6.0.188 and the authentication of users at the new branch gets an error, wrong user/password.
I double checked configuration and user/password but I can't find any configuration error. Also stopping and starting of radius service and reboot of NGS still does not work. I tried to debug the radius via web interface and watched for the loggfile and there is still a reject.I also tried the freeradius command radiusd -X but I got an error when starting the radiusd -X.
1.) How can I figure out, if I will get the correct password from my WLC ? Are there any debug options to see more ? e.g. some cli commands, radiustest utilities or how to get the received password from the chap challenge of the debug ?
2.) I have appended a part from my radius loggfile. How can I find the detailed error in the radius log file? Is it correct that the password in the debug file is empty ? raiuds logg line "[radius-user-auth] expand: %{User-Password} -> "
one of our customers wants to update the firmware of a 5508 wlc, but always gets the following error message:
Error Message %UPDATE-3-INV_FILE_SIGN: Error! Invalid image signature!. Image may be corrupt.
but the same image works fine on another 5508.the update was downloaded via a smartnet for the wlc, on which the update works fine. does the customer has to download another image for the second controller, or should the image work on both wlc?
I am facing problem with an outdoor access point AIR-1522-K-E series which is unable to join a wirless lan controller 5508. The wireless AP is able to get IP address from dhcp server and discover the Wireless controller IP address. After this i see following status messeges on the console of AP.
*Aug 27 11:04:19.767: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Aug 27 11:04:21.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.2.64.50 peer_port: 5246
*Aug 27 11:04:21.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Aug 27 11:04:21.707: %CAPWAP-5-DTLSREQSUCC: DTLS connection created successfully peer_ip: 10.2.64.50 peer_port: 5246
[Code]...
I have a device manufacture there are requesting the following change on a customer's WLC 5508.
-config advanced eap identity-request-timeout 60
-config advanced eap request-timeout 60
I have studied many guides but I can't find out if there is a down-side to setting the timeout this high.Could it result in slow roaming or re-authentication if there is a connection error? The customer have large areas with high client density and some outdoor areas with low client density.
i have a problem with 1552E to register with 5508 WLC, and always got "AAA authentication error” in the WLC log, while AAA is not enabled. so my question is , do i need to add the MAC address to the WLC MAC filter list even if i not enable the AAA server in the WLC.
View 9 Replies View RelatedI an currently running Cisco (ACS 5.2.0.26.3) and attempting to get my Cisco 5508 WLC's (7.0.98.0) loaded into ACS for TACACS+ authentication for managment users.
However I keep getting the following error:
*emWeb: Sep 14 14:44:45.931: %EMWEB-1-LOGIN_FAILED: ews_auth.c:2104 Login failed for the user:test_tac. Service-Type is not present or it doesn't allow READ/WRITE permission.
Now I've attempted the step-by-step using the following URL but to no avail.( there are some slight differences in ACS 5.2)
[URL]
Latest WLC configuration guide I could find (Software Release 7.0 June 2010) isn't much useful either.
I'm starting to see an error creep up that I havn't seen since 2003/2004 on my brand new 5508 controllers. I'm recieving the following from my WCS: Receive Multicast Queue is full on Controller and then on the controller itself RX Multicast Queue Full. I understand this used to be due to a large influx of ARP requests or CDP packets on older controllers but, this was supposed to be fixed in an update many years ago.
Has seen this on their 5508's. These were advertised as having the horsepower to handle our user loads which arn't really that high at 300 users at any given time max.
After reboot WLC , the switch port was err-disable , the cause is link flap after we reboot 3 times , the switch port link flap err-disable every time? We don't know why the WLC rebboot will cause it , it just normal action on device the WLC version is 7.4.100.0 link switch with access port , no port channel , no portfast.
View 11 Replies View RelatedI have 2 5508s (foreign and anchor both running 7.2.110.0) with an open WLAN configured via mobility anchors. This configuration works and has no problems. My next task is to incorporate a webauth page (accept/reject) to present the clients with AUP information, etc. On the foreign controller I created a test WLAN (open) and setup webauth Passthrough using the Cisco webauthbundle (wap.html), this works as intended, no issues. However I am at a loss as to how to incorporate the webauth Passthrough functionality on the WLAN that is configured for the mobility anchor.
View 2 Replies View RelatedRecectly we replaced Cisco 2100 Series LAN controller to Cisco 5508 Wirless LAN controller , I downloaded WebAuth Bundle from my Old LAN Controller ,when i am trying to upload to my New Wireless LAN controller ,its not uploading and also it gave me uploading failure error message .
View 2 Replies View RelatedI would like to get webauth bundle sample to create custom page for our AP controllers but I'm unable to find the sample .tar within the WCS itself.Some other WCS manuals has references in them that says there should be link to download sample from WCS but clearly 2106 hasn't got one.There's one in download section "webauth bundle 1.0.2.zip" but this is for registered partners and costumers, we are not registered as partners and cannot download the sample ourselves.
View 2 Replies View RelatedI'm trying to install a webauth certificate -- it works fine when unchained, however once I add the additional information the installation fails. I am using the same root and intermediate certificate information as last year, and it worked fine then. I can recreate last year's pem file with the chained information and it installs fine, so it's only when I include the new device certificate information that it fails. The certificate installs fine when it's not chained, I'm not receiving any openssl errors, and I'm not using openssl 1.0.
View 1 Replies View Relatedi've upgraded our WLC 5508 from 7.0.220 to 7.2.115.1.For our guest WLAN we use web authentication with customized startpage, no login error page and no logout page. The customized login page is displayed correctly. After successful authentication the browser is forwarded to the default CISCO login page "login.html". No further autentication is possible, also no internet access.Reload the customized webauth bundle to the controller didn't change anything. Is there a change in the HTML/Java code of this controller version? I didn't find any hint in the release notes. Or do I need the newer web authentication bundle with version 1.0.2?
View 6 Replies View RelatedI understand that Cisco have at long last provided a facility to separate HTTP web authentication from HTTPS WLC management on WLC code 7.2.x for the new 5500 series WLCs.
My question is does Cisco intend to provide the same much needed functionality on the 4400 series WLCs that are running 7.0.x code? I was looking through the release notes for v7.0.235.3 code and that did not seem to mention this functionality. I know we can get around the problem by purchasing an SSL certificate so that guest users with web authentication do not have to see the same security warning each time they log in but the idea to separate the HTTP web authentication from HTTPS WLC management seems so much simpler.
I have a custom webauth page installed that I am using with web passthrough authentication on my WLC2006 in order to put up a acceptable use policy page. The WLC uses HTTPS to display this which causes a security certificate warning to appear if I go with the WLC's own self-signed certificate. Is there a way I can get the WLC to use plain HTTP to display this page instead so I can eliminate the warning? I have already tried installing a trusted 3rd party certificate on the WLC, but I have this very strange problem where mucking with the WLC's web authentication certificate in any manner causes all network activity on the WLC to break except for CDP and ARP, essentially leaving the WLC dead. Three weeks of troubleshooting with Cisco TAC has yielded no progress on that front so now I am trying to bypass the need for a security certificate altogether since I really don't need to encrypt my acceptable use policy page.
View 13 Replies View RelatedWeb auth redirect URL gets dropped if stateful firewall is between webauth host and switch management interface. Aaron at Cisco live london kinda hinted about maybe Cisco working on this ? We can't disable stateful inspection. Is there any other solutions or workarounds ?
"Although this approach introduces additional hops in the return path from the switch to the host, it produces negligible load on the default router and intervening infrastructure since only the WebAuth traffic from the switch to the host follows this path. In campus designs that do not use SVIs on the data VLAN,6 a default route is typically already configured. In this case, no additional configuration is required to support WebAuth.
However, problems may arise in the case in which traffic to the default router is bridged through a stateful firewall. The original SYN packet in the TCP handshake is consumed by the access switch, so the first packet that the firewall sees is the SYN-ACK packet from the access switch. Stateful firewalls typically drop SYN-ACK packets if they have not seen the original SYN packet.In this case, you will need to turn off stateful inspection for ports 80 and 443 on the firewall."
I have a server connected to my router with a CAT5. I usually manage the server from my laptop connected to the router via WLAN. I often need to add files to a public folder on the server so it can be dowloaded by my clients when they need them. I can access my personal laptop from the server, but I cannot access the server's files from my laptop. This is recent and used to work fine. I also cannot acces other personal computers on my network that I often connect to
View 11 Replies View RelatedI've installed a Cisco Wireless LAN Controller (4402) with six access points (AIR-LAP1131AG-E-K9) and created two WPA2 protected WLAN SSID's (e.g. internal and guest) and everything works fine.
The WLAN SSID named Guest, should be used for externel people. This SSID aditonal WebAuth. This also works fine, the guest receive a WPA2 key and username/password for WebAuthentication. But this works at this point only when they user WirelessLAN.
Now my Question: Is it possible to provide the setup also to the wired network using the WLC?
The router 1841 is connected directly to the layer switch. the network diagram is below:
Office A --> Switch (L3) --> Router 1841 --> Internet --> Office B
However, when I transfer the file from Office A to office B, the speed very slow ( only around 40 kb/second), and there are an input error and CRC error:
Cisco-R1841#sh interfaces FA0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 0019.e02f.03dd (bia 0019.e02f.03dd)
[Code]......
I'm trying to open certain websites but the browser gives me this message: "Network Error (tcp_error) A communication error occurred: "Operation timed out" The Web Server may be down, too busy, or experiencing other problems preventing it from responding to requests. You may wish to try again at a later time.
View 8 Replies View Relatedi'm currently studying at a college which has a website with a student intranet that is available to log in from any computer. So far it has been working well and I can log in on my home laptop and upload documents and look at presentations etc. Today for no reason when I try and log in I get the message Error Code 500: Internal Server Error and the webpage does no appear.I have had no problems previously and this has only happened today and yesterday, I went down to the college and accessed the website fine from the computers in the library but still no joy from my home computer.
View 1 Replies View RelatedWe are using HPUX server to collect files from switch to our server. Our server connect to cisco router and the cisco connect to X.25 protocol to communicate with switch. My question, how could i collect files from swicthes to our server and what is the command can i used ?.
This is some info about router.
'Serial0/0/0 is up, line protocol is up
Hardware is GT96K Serial
Description: LL018766
MTU 1500 bytes, BW 1544 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
[code].....
