![]() This is applicable for authentication-list and parameter-map that are not explicitly mentioned.If you plan on using the same certificate on multiple servers always transfer the private key using a secure method ( e-mail is not considered a secure method of transfer). Note When security web-auth is enabled, you get to map the default authentication-list and global parameter-map . parameter-map parameter-map-name : Configures the parameter map. ![]() Web-auth Įnables web authentication for WLAN.Here, authentication-list authentication-list-name : Sets the authentication list for IEEE 802.1x. ssid-name is the SSID which can contain 32 alphanumeric characters. profile-name is the WLAN name which can contain 32 alphanumeric characters. Wlan profile-name wlan-id ssid-name Example:ĭevice(config)# wlan mywlan 34 mywlan-ssid WLAN using web auth security and map the authentication list and parameter map:Įnables privileged EXEC mode. ![]() Configuring the Web Authentication WLANsįollow the procedure given below to configure Here you can choose a certificate that you want to present guests with when they hit the Captive Portal:įor simplicity, we have just used ‘ global‘ Web Auth Parameter Map. To configure customized local web authentication, perform these tasks: Under Customized Page, specify the following pages: Login Failed Page Login Page Logout Page Login Successful Page In the Portal IPV6 Address field, enter the IPv6 address of the portal to send redirects, if IPv6 address is used. In the Portal IPV4 Address field, enter the IPv4 address of the portal to send redirects. In the Redirect Append for WLAN SSID field, enter the WLAN SSID. In the Redirect Append for Client MAC Address field, enter the client MAC address. To configure external local web authentication, perform these tasks: Under Redirect to External Server in the Redirect Append for AP MAC Address field, enter the AP MAC address. In the Redirect On-Failure field, enter the name of the external server to redirect after a login failure. In the Redirect On-Success field, enter the name of the external server to redirect after a successful login. In the Redirect for log-in field, enter the name of the external server to send a login request. The valid range is between 10 minutes and 43200 minutes. Set appropriate status for Disable Success Window, Disable Logout Window, and Login Auth Bypass for FQDN.Ĭheck the Sleeping Client Status checkbox to enable authentication of sleeping clients and then specify the Sleeping Client Timeout in minutes. In the Watch List Expiry Timeout field, enter the time in seconds after which the watch list should time out. Set appropriate status of WebAuth Intercept HTTPS, Captive Bypass Portal, and Watch List Enable. If you choose File Name, specify the path of the file from which the banner text has to be picked up.Įnter the virtual IP addresses as required. If you choose Banner Text, enter the required banner text to be displayed. In the Edit WebAuth Parameter window that is displayed, choose the required Banner Type. On the Web Auth page, click the name of the parameter map. In the Init-State Timeout field, enter the time after which the init state timer should expire due to the user’s failure to enter valid credentials on the login page. In the Maximum HTTP Connections field, enter the maximum number of HTTP connections that you want to allow. In the Create Web Auth Parameter window that is displayed, enter a name for the parameter map. To configure a local server to act as a fallback method when servers in the group are unavailable, check the Fallback to local checkbox.Ĭhoose the server groups you want to use to authenticate access to your network, from the Available Server Groups list and click > icon to move them to the Assigned Server Groups list.Īs we are using local WLC Guest Users database to authenticate against, we will specify ‘ local‘ Group type for ‘ login‘.Ĭhoose Configuration > Security > Web Auth. In the Quick Setup: AAA Authentication window that is displayed, enter a name for your method list.Ĭhoose the type of authentication you want to perform before allowing access to the network, in the Type drop-down list.Ĭhoose if you want to assign a group of servers as your access server, or if you want to use a local server to authenticate access, from the Group Type drop-down list.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |