Security

Reply
Occasional Contributor II
Posts: 15
Registered: ‎03-25-2013

Cisco Guest wireless malformed URL redirect

Here is the situation.

Cisco WLC with version 7.6 and ClearPass 6.5.1

Cisco WLC wlan is setup with mac filtering and on mac failure redirect to external we server.

Pre-Auth ACL is to only allow http and https access to the ClearPass server.

 

When a device connects, it attempts MAC authentication and is rejected since it's a new device.

This is working as intended.

The user opens a browser and types in www.google.com

The browser is intercepted and redirects to a ClearPass captive portal

The User logs in and is authenticated successfully.

Here is the problem area. The User is never redirected to the original URL but is sent to something like this:
https://clearpassserverip/guest/www.google.com

The user receives a 404 error and never makes it to google. 

Has anyone else experienced an issue similar to this?

 

Andy Clelland

Structured Communication Systems, Inc.

ACMP, ACCP

Occasional Contributor II
Posts: 15
Registered: ‎03-25-2013

Re: Cisco Guest wireless malformed URL redirect

Has anyone else seen this behavior?

 

Andy Clelland

MVP
Posts: 4,238
Registered: ‎07-20-2011

Re: Cisco Guest wireless malformed URL redirect

Do you have the following:
- Controller Initiated selected in the guest registration page NAS Vendor settings > Login Method
- Select Cisco Systems as the Vendor
- Uncheck require HTTPs under Home » Configuration » Authentication
And see if that works
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 15
Registered: ‎03-25-2013

Re: Cisco Guest wireless malformed URL redirect

Thank you Victor, the only piece I don't have setup is unchecking require HTTPS. I'll give that a try to see if that helps at all.

 

Andy Clelland

MVP
Posts: 1,412
Registered: ‎11-30-2011

Re: Cisco Guest wireless malformed URL redirect

Aruba Employee
Posts: 101
Registered: ‎03-15-2011

Re: Cisco Guest wireless malformed URL redirect

Please paste the initial redirect URL from Cisco to CPPM. It should have a clear 'url' attribute.  Ensure that attribute is fully qualified with 'http://' otherwise it will link as a relative address.  If you have a fallback destination in the login setup ensure it is fully qualified as well otherwise the same situation occurs.

Search Airheads
Showing results for 
Search instead for 
Did you mean: