Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco AP1200 Guest VLAN Default Web Page

Status
Not open for further replies.
kcbell

kcbell

IS-IT--Management
Dec 27, 2001
275

Folks:

I am trying to setup a web page for the guests to enter their username and account number on a Cisco AP1200 when they come to visit us with their wireless laptop. I could not find in any there to configure the IP address for their default web page. Can it be done?

The username and account number is stored in a ACS prior to their visits and the information are given them when they arrive.

Thanks

KC
 
Sort by date Sort by votes
Yes, it is possible. We use a Cisco router and use the IP auth-proxy command set for our guest wireless. We have a custom webpage loaded in flash on the router.
 
Upvote 0 Downvote
TreyJ:

Would you give me a little more information. Is all configuration done at the router? Are there anything needed to be done at the AP?

Thanks

KC
 
Upvote 0 Downvote
Yes most of the configuration is on the auth-proxy router. The only other configurations that are needed are:

1. The default route for the guest VLAN needs to be pointed at the inside interface of the router you'll be using for auth-proxy

2. A route pointing back through the auth-proxy router for the subnet you're using for the guest VLAN.

Here are the commands I have on the auth-proxy router:

aaa new-model
!
aaa authentication login default group radius none
aaa authorization exec default group radius none
aaa authorization auth-proxy default group radius
aaa session-id common
!
ip auth-proxy auth-proxy-banner file slot0:guest.html
ip auth-proxy inactivity-timer 240
ip auth-proxy name guest http
!
interface FastEthernet0/0
ip address 69.65.192.250 255.255.255.252
ip access-group 116 in
no ip redirects
no ip unreachables
ip auth-proxy guest
speed 100
full-duplex
no cdp enable
!
interface FastEthernet0/1
ip address 69.65.192.253 255.255.255.252
no ip redirects
no ip unreachables
speed 100
full-duplex
!
ip http server
ip http authentication aaa
ip classless
ip route 0.0.0.0 0.0.0.0 69.65.192.254
ip route 69.65.194.0 255.255.254.0 69.65.192.249
ip route 129.118.0.0 255.255.0.0 69.65.192.254
!
!
access-list 116 permit tcp 69.65.194.0 0.0.1.255 host 69.65.192.250 eq www
access-list 116 permit udp 69.65.194.0 0.0.1.255 host 129.118.1.3 eq domain
access-list 116 deny tcp 69.65.194.0 0.0.1.255 any
access-list 116 deny udp 69.65.194.0 0.0.1.255 any
access-list 116 deny icmp 69.65.194.0 0.0.1.255 any
access-list 116 permit ip any any
no cdp run
!
radius-server host 129.118.1.151 auth-port 1645 acct-port 1645 key 7 XXXXXXXXX
radius-server host 129.118.1.152 auth-port 1645 acct-port 1645 key 7 XXXXXXXXX
!

Let me know if you have any more questions!

TreyJ
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mats84
  • Locked
  • Question
Avaya WOS VLAN Configuration
Replies
0
Views
177
mats84
mats84
kythri
  • Locked
  • Question
Cisco 4404/WiSM (1st generation) - Guest Wireless Help
Replies
0
Views
116
kythri
kythri
johannjoezzz12
  • Locked
  • Question
how do i reload CISCO Air 702i Access point OS?
Replies
0
Views
97
johannjoezzz12
johannjoezzz12
Shad0wguy
  • Locked
  • Question
UniFi APs not issuing DHCP on new VLAN
Replies
1
Views
126
eddiebullman
eddiebullman
andrewhbk
  • Locked
  • Question
Cisco Prime infrastruture version 1.3
Replies
0
Views
79
andrewhbk
andrewhbk

Part and Inventory Search

Sponsor

Back
Top