Security

Reply
Occasional Contributor II
Posts: 38
Registered: ‎06-27-2016

Guest URL-REDIRECT on Cisco L2 Switch

Hi

 

I have a setup of Guest Users connected to Cisco L2 switch (2960), I want to redirect their internet browsing access to the Guest Captive-Portal page, then got internet access after authentication.

 

The CP service configured "as attached", and the guest captive-portal configured.

 

The users assigned to guest VLAN but they are not redirected to the captive-portal page

 

- The used switch is 2960

- The used switch version is (C2960-LANBASEK9-M), Version 12.2(55)SE7

- The switch is L2 switch.

- The users VLAN GW is in another L3 switch

 

SO::

 

- Is the switch must be L3 switch?

- Is the users VLAN GW must be on the target switch (for the URL-Redirect to be accepted)

- Is there a special configuration required on the switch rather than the below?;

 

==============================================

aaa new-model

aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius

aaa server radius dynamic-author
client 10.0.0.179 server-key aruba123
port 3799
auth-type all

 

dot1x system-auth-control

 

interface FastEthernet0/2
switchport access vlan 10
switchport mode access
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout server-timeout 30
dot1x timeout tx-period 10
dot1x max-req 3
dot1x max-reauth-req 3
spanning-tree portfast

 

ip http server
ip http secure-server

 

radius-server host 10.0.0.179 auth-port 1645 acct-port 1646 key aruba123
radius-server vsa send authentication

======================================== 

 

Thanks

Regular Contributor II
Posts: 226
Registered: ‎03-03-2011

Re: Guest URL-REDIRECT on Cisco L2 Switch

- Is the switch must be L3 switch?

- Is the users VLAN GW must be on the target switch (for the URL-Redirect to be accepted)

 

I think, in short, the answer to both of the above questions is "yes" for this to work.

David
ACDX #98 | ACMP | ACCP
Occasional Contributor II
Posts: 38
Registered: ‎06-27-2016

Re: Guest URL-REDIRECT on Cisco L2 Switch

Hello

 

Do you have any documnet/article about this issue?

 

If so, then this URL-Redirect feature is not reliable, because most of the users are connected to L2 switches and their GW resides in one switch (the Core L3 switch)...

 

Is it?

 

Thanks 

Regular Contributor II
Posts: 226
Registered: ‎03-03-2011

Re: Guest URL-REDIRECT on Cisco L2 Switch

Can you not set the url-redirect up on the L3 switch?

 

David
ACDX #98 | ACMP | ACCP
Occasional Contributor I
Posts: 5
Registered: ‎08-25-2009

Re: Guest URL-REDIRECT on Cisco L2 Switch

Hi,

 

Have you had any success with url-redirect?

 

I've found the following Cisco document that lists the supported platforms for the url-redirect command.

 

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ibns/configuration/15-e/ibns-15-e-book/ibns-webauth-origin-url.pdf

Search Airheads
Showing results for 
Search instead for 
Did you mean: