Aruba Instant & Cloud Wi-Fi

Reply
New Contributor
Posts: 4
Registered: ‎11-28-2016

Using external captive portal with authentication text

Hi everyone,

 

I'm having some issues with using the external captive portal. We have configured an SSID with external captive portal and on the captive portal there nothing more than a disclaimer.

 

I'm having issues with IOS clients and Android clients, but they are having different issues.

 

With the IOS devices the captive portal sometimes is shown directly when connecting to the SSID but sometimes it shows a blank page or keeps getting redirected back to the disclaimer page after accepting it.

 

With the Android devices accepting the disclaimer page is not a problem, it gets redirected correctly and after redirect internet access is working.

But when the device connects and the browser is opened it shows a security warning on the page that was already opened in the browser. After browsing to a website the client is properly redirected to the disclaimer page but the security warning isn't really something we want on the guest network.

 

Do you guys have any experience with the issues stated above?

Any help is much appreciated.

 

If anything about my post is not done correctly please let me know. This is my first post here.

Guru Elite
Posts: 20,573
Registered: ‎03-29-2007

Re: Using external captive portal with authentication text

May I ask what version of instant you are running?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎11-28-2016

Re: Using external captive portal with authentication text

Hi cjoseph,

 

i'm testing on two clusters. But getting the same result on both.

One cluster of IAP 225

Firmware version: 6.4.2.6-4.1.1.11_52666

One cluster of IAP 115

Firmware version: 6.4.2.6-4.1.1.8_50989

 

I have been digging into it some more and i'm able to make sure the clients don't get a security warning by blocking https in the pre auth role.

Problem then is when they are in the pre auth role the clients get a timeout on https websites and they are not getting redirected to the external captive portal.

When they browse to a http website redirection is working fine.

 

Is it possible to redirect them to a http website when they open the browser, even when they try to open a https website?

 

Thanks in advance.

 

Guru Elite
Posts: 20,573
Registered: ‎03-29-2007

Re: Using external captive portal with authentication text

Unfortunately, this is an industry-wide issue http://community.arubanetworks.com/t5/Wireless-Water-Cooler/How-are-you-all-dealing-with-HSTS/td-p/239328


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎11-28-2016

Re: Using external captive portal with authentication text

Hi cjoseph,

 

again thanks for your reply.

too bad there isn't a way around this.

 

Are there any alternatives for deploying a captive portal which give a good/better experience on the client?

 

Thanks in advance.

Guru Elite
Posts: 20,573
Registered: ‎03-29-2007

Re: Using external captive portal with authentication text

Well, the preferred way is to allow a client's Captive Portal detection, which typically occurs over http, bring up the page...

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎11-28-2016

Re: Using external captive portal with authentication text

Hmm that doesn't really seem to work for me. In the pre auth role i now have an allow rule for http traffic and a deny any.

In this configuration i'm getting certificate warnings on https and browsing to http sites is possible but i'm not getting redirected to the captive portal.

 

Any thoughts on that? Thanks in advance.

Search Airheads
Showing results for 
Search instead for 
Did you mean: