Support User Manuals

Cisco Systems IOS Releases 15.2(4)JA Universal Remote User Manual

Open as PDF

of 540

11-25

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-29225-01

Chapter 11 Configuring Authentication Types

Guest Access Management

Guest access is allowed for a maximum of twent-four days and a minimum of five minutes.

Beginning in privileged EXEC mode, use this command to delete a guest user:

ap# clear dot11 guest-user Gues-1

Beginning in privileged EXEC mode, use this command to display guest users:

ap# show dot11 guest-users

Customized Guest Access page

The guest access page can be customized to display a custom logo or other images. The guest login page

can be edited and loaded into flash. It is mandatory to load the login page, success page, and expired and

failure pages when we choose Customized Webauth.

Perform these steps to customize the login page, success page, expired and failure page:

Step 1 Browse to the Guest Management Services page on the access point in the GUI.

Step 2 Select Webauth Login.

Step 3 Browse and upload these pages from your local server:

• Success Page

• Failure Page

• Expired page

Step 4 Select the file transfer method : FTP or TFTP.

Step 5 Enter the Username.

Step 6 Enter the Password.

Step 7 Enter the Allowed-In ACL Name and the Allowed-Out ACL Name.

Step 8 Click Close Window to save your changes.

Beginning in privileged EXEC mode, use these commands to load all the edited files to flash:

–

ap(config)# ip auth-proxy proxy http login page file flash:web_login.html

–

ap(config)# ip auth-proxy proxy http success page file flash:web_success.html

–

ap(config)# ip auth-proxy proxy http failure page file flash:web_fail.html

–

ap(config)# ip auth-proxy proxy http login expired page file flash:web_logout.html

Some ACL commands are also required to complete customizing of the guest access page. Beginning in

privileged EXEC mode, use these ACL commands:

–

ap(config)# dot11 webauth allowed incoming webauth_acl_in outgoing webaut_acl_out

–

ap(config)# ip access-list extended webauth_acl_in

–

ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq www

–

ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq 443

–

ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq 443

–

ap(config-ext-nacl)# exit

–

ap(config)# ip access-list extended webauth_acl_out

–

ap(config-ext-nacl)# permit tcp any host 40.40.5.10 eq www

previous next