Hey Charlie,
From what i have researched you cannot redirect the login page to an
external web server.
HTH
Usama
On Tue, Aug 31, 2010 at 10:42 AM, spycharlies <spycharlies_at_gmail.com> wrote:
> Thanks Usama,
>
> Yes! you are right, the default "login.htm" can be modified, which i am
> doing. I already copied all the "login, success, failure, and expire " to my
> flash and issues the "ip admission proxy" commands.
>
> What cisco has on "Figure 11-5" inclduing the Logo, looks pretty nice! i
> might need to take a 6months HTML class to get mine close to that, lol...i
> know very little about html..
>
> But my original question was, is it possible to redirect login request
> (rather than using the switch) to an external web server or mayb get users
> to authenticate through a vpn site?
>
>
> Regards,
>
> Charlie
>
> On Tue, Aug 31, 2010 at 7:30 AM, Usama Pervaiz <chaudri_at_gmail.com> wrote:
>>
>> Hey Charlie,
>>
>> I believe with web auth the page that is displayed sits on your local
>> switch. You can always customize the page but there are a few
>> guidelines as stated here:
>>
>> http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/swwebauth.html
>>
>> Also if you want to use images sourced on a different server make sure
>> that you change the port from 80 or 443 to something different as all
>> 80 and 443 traffic will be redirected back to the switch.
>>
>> HTH
>> Usama
>>
>>
>>
>> On Mon, Aug 30, 2010 at 3:11 PM, spycharlies <spycharlies_at_gmail.com>
>> wrote:
>> > Hello Gurus...
>> >
>> > ...Am currently testing Wired Web Authentication for guest access (users
>> > who
>> > fails dot1x and mab) on a Cisco platform
>> >
>> > I am using the Cisco's "Sample Customize Page" for webauth which just
>> > prompts for Username and Password... Its OK but of course not very user
>> > friendly...
>> >
>> > Without Implementing Cisco NGS, is it possible to modify the "login.htm"
>> > ;
>> > so that login request can be redirected to an external web server (say
>> > 192.168.10.254) OR my vpn server with url (https://vpn.spycharlies.com)
>> >
>> >
>> > My dACL is "permit any any", so no issue there...below is my current
>> > login.htm script
>> >
>> > ==
>> >
>> > <HTML><HEAD><TITLE>Authentication Proxy Login Page</TITLE>
>> > <script language="JavaScript"><!-- Begin
>> > var pxypromptwindow1;
>> > var pxysubmitted = false;
>> > function doreload() {
>> > if(pxypromptwindow1.closed)
>> > {window.location.reload(true);
>> > } else {reloadtimeout=setTimeout("doreload()", 300);}
>> > }
>> > function submitreload() {
>> > if(pxysubmitted == false)
>> > {pxypromptwindow1=window.open('',
>> >
>> > 'pxywindow1','resizable=no,width=300,height=300,scrollbars=yes');reloadtimeout=setTimeout("doreload()",
>> > 1000);pxysubmitted = true;return true;
>> > } else {
>> > alert("This page can not be submitted twice.");
>> > return false;
>> > }
>> > } // -->
>> > </script> </HEAD>
>> > <BODY BGCOLOR="#FFFFFF" LINK="#ffcc00" ALINK="#ffffff" VLINK="#ffcc00" >
>> > <H1> <BR><BR>
>> > <FORM method=post action="/" target="pxywindow1">
>> > <input type=hidden name=au_pxytimetag value="612790020">Username: <input
>> > type=text name=uname>
>> > <BR><BR>
>> > Password: <input type=password name=pwd>
>> > <BR><BR><input type=submit name=ok value=OK onClick="return
>> > submitreload()">
>> > </H1></FORM></script></BODY></HTML>
>> >
>> > ===
>> >
>> >
>> > Any suggestions or a sample working template Appreciated !
>> >
>> > Many thanks,
>> >
>> > Charlie
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Aug 31 2010 - 18:09:14 ART
This archive was generated by hypermail 2.2.0 : Wed Sep 01 2010 - 11:20:53 ART