Problem:

• Clasification on display of the Login page in Web AAA (Web Portal)
• How does Web portal use DNS server

Fact:

• Wireless LAN Switches and Controllers
• Wireless LAN Switch WX1200
• Wireless LAN Controller WX4400
• Wireless LAN Switch WXR100
• Wireless LAN Managed Access Point 2750
• Wireless LAN Managed Access Point 3750

Fix:

When a WebAAA client first tries to access a web page, the client’s browser sends a DNS request to obtain the IP address mapped to the domain name requested by the client’s browser. The WX proxies this DNS request to the network’s DNS server, then proxies the reply back to the client.

If the DNS server has a record for the requested URL, the request is successful and the WX serves a web login page to the client.

However, if the DNS request is unsuccessful, the WX displays a message informing the user of this and does not serve the login page.

If the WX does not receive a reply to a client’s DNS request, the WX spoofs a reply to the browser by sending the WX switch’s own IP address as the resolution to the browser’s DNS query. The WX also serves the web login page. This behavior simplifies use of the WebAAA feature in networks that do not have a DNS server. Be aware, if the requested URL is invalid, the behavior gives the appearance that the requested URL is valid, since the browser receives a login page. Moreover, the browser might cache a mapping of the invalid URL to the WX IP address.

1. – David Gonzalez 2021/03/31 14:39