Cisco Wireless LAN Web Authentication Process
The web authentication process is a Layer 3 security function that allows the Cisco Wireless LAN controller to block all unauthenticated client IP traffic with the exception of DHCP traffic. After the client has obtained an IP address, the only action that is open to the user is to attempt to connect to a website.
Any HTTP-related traffic is then captured. The user’s web browser session is redirected to a default or custom login page, where the user is prompted for authentication information in the form of a username and password.
Because this system includes a self-signed certification, the first time that this process takes place the user is prompted with a security alert that should be accepted.
You have a few options for the login page: The basic controller administration page allows some simple modification of the page text and the presentation of the Cisco logo. The following options are available as login pages:
The default login page
A modified version of the default login page, directs users to the receptionist for login credentials. This allows you to provide additional directions for new users, but limits the level of customization.
A customized login page that you configure on an external web server
A customized login page that you download to the controller
After the user successfully logs in, he is presented with a successful login page and then automatically redirected to the originally requested URL.