I am trying to create a welcome screen for people who join the guest network on my aironet 1040.Webpage pass-through is really what I want but I know that doesn't work on a 1040.What does: IP redirect, Conditional Web redirect or Splashpage redirect?
View 1 Replies
I know it is possible to create custom web auth splash pages on the WLC 5508. Is it also possible to embedd a small document (less than 1MB) that users can download directly from the controller? I need this for providing the terms of use for the Guest WLAN.
View 3 Replies View RelatedAt present I have a WLC5508 as a guest anchor in a DMZ and a web-auth passthrough WLAN configured. There is a custom web bundle providing a terms and conditions page.
We want to start to capture the minimum data from a user that logs onto the guest wireless ( email address ) and would like to use the check email function on the controller - BUT - at the same time move from using the web bundle locally hosted splashpage on the controller to an external web server provided splashpage / walled garden.
From my understanding not sure that this is possible as the email check function is only valid in passthrough I think.
I want to setup a webpage for my guest network (no authentication) users. When the client connects to the open guest network and upon opening a browser they would be directed to a survey that I would like them to take, if they don't want to take it they can begin browsing to other sites without issue. How do I do this on a my 5508 WLC?
View 12 Replies View Relatedeveryone can connect to the 1040 ap except my laptop and another one. for some reason it stopped showing , it was working fine and out of the blue nothing.
View 2 Replies View RelatedI have been racking my brain for a while and cannot figure out why I am not getting 144Mbps out of my Aironet 1040. I was reading a previous thread ([URL]) and set it up exactly like it said. I have set the encryption to Cipher AES CCMP and set the SSID to open authentication. I also set the SSID's key management to enable WPA (WPAv2).
I was reading that WMM has to be set. I have 3 options: Disabled, Legacy, and dot11d. If i chose dot11d I have to put in a coutry code. Problem is there are no options in the country code pull down. I cannot even manually type it in.
Another problem is that cell phones cannot connect. It keeps saying authentication fails in the log.
I am attempting to configure two Aironet 1040 series wireless access points for the first time and am having some difficulty. This office does not have a RADIUS server so I would like to set them up to use WPA2 with a pre-shared key. However just how this is accomplished is not immediately apparent. I have attempted using both the command line interface and the web interface, but I get errors in both places. It doesn't seem like it is all that difficult, we're just talking about a few lines in the configuration file.
This is what I have so far:
Current configuration : 1684 bytes
!
version 12.4
no service pad
[Code].....
i have ~ 25 employees which are connected to the AP . I have a 2mb dl and 2mb ul microwave lease line.The AP disconnects ever couple of hours for a minute?
View 3 Replies View Relatedwith our WLC 5500 controller, once the clients get the DHCP address the page is not redirecting them to the guest portal.What is the best way to check as to why the redirection is failing.
View 8 Replies View RelatedWe are currently using several AP's in our organization. And in this one AP i want to give a user the power to change the password of the wireless network to prevent miss use. I was wondering if it was possible to create an account who only has the privilege to change the WPA key?? I want to prevent that he will accidently change other settings.
View 5 Replies View Relatedwe have several AP1040 in the office, but the latter is a Dual Band 2.4 GHz and 5 GHz. And we have problems with all workstations MAC OS X gets a lot of disconnections during the day, the strangest thing is that the OS X community is aware of the problem, and their only recommendation is to buy the external Aironport has better hardware.
View 3 Replies View RelatedI have a Cisco aironet 1040.
On my Accespoint i have 2 vlans: 1 for my wifi phones and 1 for my network.Wifi Lan has the SSID LAN with WPA enterprise authentication to a radius server(ms server 2008).Wifi Phone has SSID PHONE and vlan 50 with local radius authentication.This Works all fine, Except when i enable AP for my wifi phones. When AP is enabled the authentication for my lan doesn’t go to my server but local.How do I configure my accesspoints so that the cisco phones use the local radius server with AP and my windows computers connect using the ms radius server?
I'm working on setting up an Aironet 1040 Wireless Access Point for my company. It's my first time setting up something like this, and I've run into a bit of trouble.
I created my first SSID easily enough, following the manual and guides online. I set up VLAN 1 as my native VLAN and linked it to my SSID with the encryption and security that I was told to use and it works great. However, my boss asked me to set up a second connection as well for guests at the office, and this is where my trouble starts.
I created VLAN 2, and then another SSID which I linked here. I set up encryption and security the same way, and I can see the network when I open up my network and sharing manager. I can connect to the network as well, but I either get a spinning blue icon where my signal strength indicator is or a few bars with a yellow caution sign, and Windows says 'Identifying...'. I've compared the two SSIDs using the console and the GUI and I can't seem to spot any obvious differences between them.
We’re currently using 5508 WLC’s and leveraging Cisco ISE for radius/authentication rule sets.I’m trying to get a splash page to flash and then redirect to a website after a successful authentication to an SSID. Everything on the wireless side works with no splash page (users connect to SSID,authenticate with AD credentials using 802.1X PEAP to our Cisco ISE box, and gain access to the network).When I enable ‘Splash Page Web Redirect’ on the WLC (under L3 security), I’m unclear on the ISE box where I set this up. When I look in the Cisco documention it says:Splash Page Web Redirect—If you select this option, the user is redirected to a particular web page after 802.1X authentication successfully completes. After the redirect, the user has full access to the network. You can specify the splash web page on your RADIUS server. How I specify this on the ISE box? Or am I totally off base?
View 10 Replies View RelatedI have setup load-balancing on an ACE 4710 for HTTP for Sharepoint 2010. The Server Admin says that the IIS server will recognize the right site by DNS name. Problem is I have no clue how to make sure the servers get the DNS name passed to them. They says this is for a multi-homing setup so that we can run multiple sites using the same VIP to the same Serverfarm. How do I do this? I keep getting the IIS splash page since the real server cannot determine the IIS site that I am supposed to access.
View 2 Replies View RelatedI am administrating a wireless network consisting of 11 APs, ASA 5510, WLC 4402 and Router 1760.The network is sharing an internet connection to all guests without charge so I have no need for authorisation of guests.I would like to implement a splash page that would be shown to all clients when they first connect. The splash page is supposed have only the basic information about the provided service and no logon.Is there a way to do this without purchasing an ACS?
View 3 Replies View RelatedI have setup a Cisco Aironet 1040 to connect to our Radius server which I have also configured.
I can successfully connect up any Iphone or Ipad but I cannot get any laptop to connect.
I have attached the logs showing the Iphone Successfully logging in and the Laptop Failing. Every single failure in the Event log for NPS comes up with
Network Policy Server denied access to a user. Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: scottd
Account Domain: AMSLAN
[Code].....
I am trying to configure Aironet 1040 access point. After systems get connect they immediately get disconnected. The error observed on the device is as below
%DOT11-6-DISASSOC: Interface Dot11Radio0, Deauthenticating Station 000e.83c8.c88a Reason: Disassociated because sending station is leaving (or has left) BSS
and the ssid is not getting broadcasted. kindly let me what could be the cause.
[code]....
how i can set up access point aironet 1040 cisco?
View 2 Replies View RelatedEvery device I've tried to connect to my WiFi network have no issues connecting at all, except for, as far as I can tell, Samsung Android phones. My sample set is very small, but both a Samsung Galaxy S3 (both before and after custom ROM install) and a stock Samsung Galaxy Nexus.
I've tried setting a vlan up with no encryption and open authentication, and the phones just halt on "connecting". This issue is both on the 2.4Ghz and 5Ghz Radios.
What is working is various computers with both intel and broadcom adapters, a Brother printer, and a Motorola Droid 3 and Motorola Photon Q. I'm starting to think that it's an issue with the radio in the Samsung phones, but the S3 is 5ghz compatible and the Nexus is only 2.4, so they must have different radios. I'm also pretty sure that it's not software on the phones since the S3 had the same problem with stock ROM and CM 10, and the Nexus is Vanilla Google ROM.
I'm waiting to get a chance to upgrade to the new FW for my aironet 1040, and I'm going to fire up an old 1130AG as well as test with an iphone or ipod when I get the chance; I'd just really like to find out what the heck is going on with these samsung phones.
Current configuration : 13969 bytes
!
! Last configuration change at 10:18:26 MST Sun Dec 23 2012
! NVRAM config last updated at 10:18:26 MST Sun Dec 23 2012
[Code].....
I can't figure out how to get the config right for the 802.11n channel to work.
View 4 Replies View RelatedI was using Document 100787 as a guide.
1. I have 1252 & 1142 AP's connected to the Wism (6.0.188.0 code)
2. FWSM I have a 4402 (6.0.188.0 ) appliance connected as my anchor.
3. ACS is ver 4.2
All of my wireless networks function as expected. I see the successful auth in ACS. I just built a new WPA2 network and set it up to use Splash screen redirect. It doesn't seem to matter what I do it just wont work. IE or Mozilla.Test 1 was to drop the users at the wism. There was no splash screen.There was no evidence of my url-redirect in the wireshark trace.Test 2 used the 4402 as my anchor point with the same results. In both cases the client was authenticated and was able to navigate the internet and other duties. The problem is apon opening the broswer there is no redirect.
I'm trying to upload some images for my job but everytime I hit the up load link to get the image loader I get a redirect to [URL]
What does this mean? I know its a router thing because I tried getting the image loader by using the computer directly from the modem and I didn't run into the issue. Do I have to open a port or something cause all I know is the router is on security lock down.
Does aps work with Wcs ?? .
View 4 Replies View RelatedI´m looking to a project where we want to start using Autonomous AP with possibility to change to controller based on near future.
Will Cisco Aironet 1040 Series Access Points allow us to change from IOS to CAPWAP when needed? I read some posts about the oposite process (CAPWAP to IOS) so I think it´s possible on both way. Can some one confirm this to me?
Looking for some training on the 2500 series controller and 1142 or 1040 AP's preferably.
View 10 Replies View RelatedPlease find attached a simple BYOD/ISE document I uploaded to kick start my new Wireless setup. Its all configured on my ISE sever and Controller as per doc.My setup:
-3600 AP's
-Internal 5508 Controller
-DMZ 5508 Controller (acts as a DHCP server for wireless clients)
Controllers have established connectivity (mobility acnhors), as a client I can connect fine to my new SSID get a DHCP IP address back from DMZ WLC and at the moment can connect out to the Internet fine (using no WLAN Security as a test). So this part is working.I have now followed the document configured ISE, enabled AAA on the Internal WLC only and used the AAA override setting on WLAN as in the attached document.I connect to SSID expecting to be redirected to my ISE Guest Portal, nothing happens other than connecting to Internet WebPages.My question is, if I have followed this document correctly why is the Internal WLC not redirecting client requests to ISE, is this because my mobility anchors need to be re-configured, perhaps the AAA/ISE config needs to be applied to my DMZ WLC not internal WLC?
I would prefer the Internal WLC to redirect the login to ISE, doesn't make sense to traverse through the DMZ Firewall onto DMZ WLC back into the Internal Network again to the ISE to authenticate.Or am I missing something additionally to this document to make sure clients are directed to the ISE Guest portal login.
I've tried a few different ways unsuccessfully so thought I'd ask here.I'm trying to forward an outgoing port on a Cisco 800 series router. ie. When a user inside the network connects to the router on port 1234, it opens up the same port on a server on the Internet.
View 2 Replies View RelatedI have ASA 5505 with base license. I like to install proxy server in my network.I configured below commands to forward my traffic to proxy server from my ASA.
If there is any configuration that i need to configure.And if possible send me the configuration guide to setup SQUID server. ( Actually it was set up by the 3rd party vendor)
How do I redirect my port 80 traffic to my Trend Micro IWSVA in my 3550 switch? How do I use PBR? Can I use WCCP in my 3550?
View 3 Replies View RelatedI have ASA 5505 firewall with base license.I am using 10.91.40.0/24 IP series.Below are the requirements that i need to configure
1. First 30 IP's need to have direct internet access.
2. All remaining IP traffic i need to send proxy server( Squid server).
Note that my ASA 5505 is in base license and also tell whether my ASA is support for this feature.
I study at University of Ostrava and currently I am working on my master thesis. Its content is realization of few attacks on network. Now I am trying to implement ICMP redirecting attack by using Intercepter program. Diagram of my netwok you can see on enclosed picture (Schema.jpg). Through Intercepter program I generate packets ICMP redirect (ICMP type 5), which are successfully sent from PC Attacker, but these packets do not arrive to PC Victim and Warshark shows me messages „ Destination Unreachable (Host Unrecheable).“ When I use instead of Cisco switch non Cisco switch (for example: Edimax) or hub, ICMP redirects packets arrive to PC Victim and I can continue in the attack?
SW:
Switch is in the defautl setting
Cisco Catalyst 2960 IOS: c2960-lanbasek9-mz.122-50.SE3.bin
Router:
Set only IP address on FastEthernet interfaces
Cisco 2801 IOS: 2801-ipbasek9-mz 124.25f.bin
I have an ASA 5505 that I am using to connect my contractors to via an inside interface, the outside interface is my private LAN. I have setup on our corporate Proxy server to allow traffic from my outside interface of my ASA to go to the internet without credentials BUT log internet activity. The question is I want to know if the ASA can send that http & https traffic to my proxy server and all other traffic to my default route? I want to be able to send all internet traffic to my proxy server. This will avoid me asking the contractors to place proxy credentials in their browsers.
View 6 Replies View Related
