Aruba Instant & Cloud Wi-Fi

Reply
Contributor II
Posts: 100
Registered: ‎10-04-2012

whitelisting of Apple devices

i was just wondering if my whitelist for smart devices is up to date.

We are getting Apple devices trying to get to sites that dont appear in

my current whitelist.

Any ideas Airheads?

cheers

Pete

p.s. current walled garden contents

 

wlan walled-garden

  white-list ".akamaiedge.net"

  white-list ".apple.com"

  white-list ".apple.com.edgekey.net"

  white-list ".ggpht.com"

  white-list "www.airport.us"

  white-list "www.akamaitechnologies.com"

  white-list "www.appleiphonecell.com"

  white-list "www.ibook.info"

  white-list “www.itools.info

  white-list www.thinkdifferent.us

  white-list “.whois.arin.net”

 

Guru Elite
Posts: 7,854
Registered: ‎09-08-2010

Re: whitelisting of Apple devices

What are you trying to accomplish? I don't do any white lists other than OCSP.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Contributor II
Posts: 100
Registered: ‎10-04-2012

Re: whitelisting of Apple devices

Hi Tim,

thanks for getting back.

We have an Instant cluster and we are pushing guest to Clearpass.

The smart devices Apple Android etc. like to contact their respective websites for verification.

So i have enabled automatic whitelisting of url's and entered the above whitelist which appears in the walled garden.

Howvever the Instants are not allowing any devices on to the system and i can see Apple iphones trying to

talk to 173.0.0.0 addresses but getting denied.

I have put an allow in to these in the pre-auth role addresses and it works but i was hoping to use domain names

from the whitelist (ip addresses can change!!)

any ideas?

cheers

Pete

 

Guru Elite
Posts: 7,854
Registered: ‎09-08-2010

Re: whitelisting of Apple devices

Is the captive portal not working currently? You shouldn't have to allow those anymore. It's actually best to not allow all of Apple so the captive network assistant appears for guest registration.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Super Contributor II
Posts: 429
Registered: ‎01-19-2011

Re: whitelisting of Apple devices

Are we expecting the CNA to open up?. What the customer wants is when they connect to the guest SSID, a browser automatically opens up and (providing they have a DNS resolvable address as a home page) get redirected to Clearpass. If we have the whitelist set they are not redirected - If we allow to the 173..x.x.x subnet as an ACL in the pre-auth role they do get redirected.

BTY I am working with Pete on this.

Contributor II
Posts: 100
Registered: ‎10-04-2012

Re: whitelisting of Apple devices

Tim,

i see you what you mean about the CNA coming up and it does on our controller sites.

However on our Instant sites it is not coming up.

 

Have you seen this before?

 

I read that the CNA comes up if the success.html file is not downloaded from the Apple websites.

So i am a bit confused.

cheers

Pete

 

New Contributor
Posts: 1
Registered: ‎09-08-2014

Re: whitelisting of Apple devices

i have put these url in my controller still m facing problem . when apple user try to connect wifi that time getting error.so please suggest me more url 's .

Search Airheads
Showing results for 
Search instead for 
Did you mean: