Hi All, I'm troubleshooting a case in where Guest client can't access the portal from it browser, The AP is in local mode so traffic is passing thru capwap tunnel and we are filtering using external server ISE. Now, this setup works before then the issue pops up today that all client can't authenticate.
From client, we can able to get an IP and from AP and can resolve the portal address but can't fully access the portal and it has no display on guest client browser.
Note: this is Cisco WLC and APs.
Question:
- Can guest-client can ping the captive portal using the ip address given by the WLC?
- Should the WLC can ping the portal server using the interface of guest?
- What other this to check?
State is:
Client State..................................... Associated
Policy Manager State............................. CENTRAL_WEB_AUTH
AAA URL redirect................................. https:xxxxxxxxxxx
From Debug mac address client:
*Dot1x_NW_MsgTask_5: Nov 04 13:13:53.571: [PA] 1x: EAPOL frame with dst MAC 00:ea:bd:b1:71:20 and BSSID 00:ea:bd:ae:ab:40 discarded
*Dot1x_NW_MsgTask_4: Nov 04 13:17:24.185: [PA] 1x: EAPOL frame with dst MAC 00:ea:bd:a6:03:60 and BSSID 00:ea:bd:b1:84:e0 discarded
Thanks
No comments:
Post a Comment