Course Content
Packet Forwarding
0/2
Network Device Communication
Forwarding Architectures
Spanning Tree
An overview of how switches become aware of other switches and prevent loops.
0/2
Spanning Tree Protocol Fundamentals
Rapid Spanning Tree Protocol
Advanced Spanning Tree Tuning
0/2
Spanning Tree Topology Tuning
Additional Spanning Tree Protection Mechanisms
Multiple Spanning Tree Protocol (MST)
0/1
Multiple Spanning Tree Protocol
VLAN Trunks and EtherChannel Bundles
0/3
VLAN Trunking Protocol (VTP)
Dynamic Trunking Protocol (DTP)
EtherChannel Bundle
IP Routing Essentails
0/4
Routing Protocol Overview
Path Selection
Static Routing
Virtual routing and forwarding (VRF)
EIGRP
0/4
EIGRP Fundamentals
EIGRP Path Metric Calculation
EIGRP Failure Detection and Timers
EIGRP Route Summarization
OSPF
0/4
OSPF Fundamentals
OSPF Configuration
OSPF Default Route Advertisement
Common OSPF Optimizations
Advanced OSPF
The (OSPF) protocol scales well with proper network planning. IP addressing schemes, area segmentation, address summarization, and hardware capabilities for each area should considered when designing a network.
0/6
OSPF Areas
OSPF Link-State Announcements
Discontiguous Networks
OSPF Path Selection
OSPF Routes Summarization
OSPF Route Filtering
OSPFv3
0/3
OSPFv3 Fundamentals
OSPFv3 Configurations
IPv4 Support in OSPFv3
BGP
0/4
BGP Fundamentals
Basic BGP Configuration
BGP Route Summarization
Multiprotocol BGP for IPv6
Advanced BGP
0/6
BGP Multihoming
BGP Conditional Matching
BGP Route Maps
BGP Route Filtering and Manipulation
BGP Communities
BGP Path Selection
Multicast
0/5
Multicast Fundamentals
Multicast Addressing
Internet Group Management Protocol
Protocol Independent Multicast
Rendezvous Points
QoS
0/5
The Need for QoS
QoS Models
Classification and Marking
Policing and Shaping
Congestion Management and Avoidance
IP Services
0/3
Time Synchronization
First Hop Redundancy Protocol
Network Address Translation
Overlay Tunnels
0/4
Generic Routing Encapsulation (GRE) Tunnels
IPsec Fundamentals
Cisco Location/ID Separation Protocol (LISP)
Virtual Extensible Local Area Network (VXLAN)
Wireless Signals & Modulation
0/2
Understanding Basic Wireless Theory
Carrying Data over a Wireless Signal
Wireless Infrastructure
0/3
WLAN Topologies
Leveraging Antennas for Wireless Coverage
Pairing Lightweight APs and WLCs
Understanding Wireless Roam and Location Services
0/3
Roaming Overview
Roaming Between Centralized Controllers
Locating Devices in a Wireless Network
Authenticating Wireless Clients
0/4
Open Authentication
Authenticating with Pre-Shared Key (PSK)
Authenticating with EAP
Authenticating with WebAuth
Troubleshooting Wireless Connectivity
0/2
Troubleshooting Client Connectivity from WLC
Troubleshooting Connectivity Problems at the AP
Enterprise Network Architecture
0/2
Hierarchical LAN Design Model
Enterprise Network Architecture Options
Fabric Technologies
0/2
Software-Defined Access (SD-Access)
Software Defined WAN (SD-WAN)
Network Assurance
0/6
Network Diagnostic Tools
Debugging
NetFlow and Flexible NetFlow
Switched Port Analyzer (SPAN) Technologies
IP SLA
DNA Center Assurance
Secure Network Access Control
0/3
Network Security Design for Threat Defense
Network Access Control (NAC)
Next-Generation Endpoint Security
Network Device Access Control and Infrastructure Security
0/5
Access Control Lists (ACLs)
Terminal Lines and Password Protection
Authentication, Authorization, and Accounting (AAA)
Zone-Based Firewall (ZBFW)
Control Plane Policing (CoPP)
Virtualization
0/2
Server Virtualization
Network Functions Virtualization
Foundational Network Programmability Concepts
0/6
CLI
Application Programming Interface (API)
Data Models and Supporting Protocols
DevNet
GitHub
Basic Python Components and Scripts
Introduction to Automation Tools  
To provide a high-level overview of some of the most common configuration management and automation tools that are available.
0/3
Embedded Event Manager (EEM)
Agent-Based Automation Tools
Agentless Automation Tools
ENCOR Course
About Lesson

Authenticating with WebAuth

use of a web page where credentials are entered.

  • WebAuth is different because it presents the end user with content to read and interact with before granting access to the network.
  • Can be used as an additional layer in concert with Open Authentication, PSK, and EAP-based authentication.

Local WebAuth (LWA)

WebAuth can be handled locally on the WLC for smaller environments:

  • LWA with an internal database on the WLC
  • LWA with an external database on a RADIUS/LDAP server
  • LWA with an external redirect after authentication
  • LWA with an external splash page redirect, using an internal database on the WLC
  • LWA with passthrough, requiring user acknowledgment

When there are many controllers providing WebAuth, it makes sense to use LWA with an external database on a RADIUS server (ISE), keep the user database centralized. The next logical progression is to move the WebAuth page onto the central server, Central Web Authentication (CWA).

Configure WebAuth on WLAN

  • Go to the General tab and enter the SSID string, apply the appropriate controller interface, and change the status to Enabled.
  • On the Security tab, select the Layer 2 tab to choose a wireless security scheme to be used on the WLAN.

the WLAN is named webauth, the SSID is Guest_webauth, and Open Authentication used because the None method selected.

  • Next, select the Security > Layer 3 tab and choose Web Policy.

  • When the Authentication radio button selected (the default), WebAuth performed locally on the WLC by prompting the user for credentials that will be checked against RADIUS, LDAP, local EAP servers.
  • In the figure, Passthrough has been selected, which will display web content such as an acceptable use policy to the user and prompt for acceptance.
  • Through the other radio buttons, WebAuth can redirect the user to an external web server for content and interaction. Click Apply.

  • You will need to configure the WLC’s local web server with content to display during a WebAuth session.
  • Security > Web Auth > Web Login Page. By default, internal WebAuth used.
  • You can enter the web content that will be displayed to the user.

Verifying WebAuth on a WLAN

  • You can verify the WebAuth settings by selecting WLANs > WLAN
  • WLAN 4 with SSID Guest_webauth shown to use the Web-Passthrough security policy.
  • The WLAN status is enabled and active.

 

Other useful information:

Join the conversation
Previous
Next