08-06-2014 12:38 AM
i was just wondering if my whitelist for smart devices is up to date.
We are getting Apple devices trying to get to sites that dont appear in
my current whitelist.
Any ideas Airheads?
p.s. current walled garden contents
08-06-2014 05:18 AM
thanks for getting back.
We have an Instant cluster and we are pushing guest to Clearpass.
The smart devices Apple Android etc. like to contact their respective websites for verification.
So i have enabled automatic whitelisting of url's and entered the above whitelist which appears in the walled garden.
Howvever the Instants are not allowing any devices on to the system and i can see Apple iphones trying to
talk to 18.104.22.168 addresses but getting denied.
I have put an allow in to these in the pre-auth role addresses and it works but i was hoping to use domain names
from the whitelist (ip addresses can change!!)
08-06-2014 05:20 AM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
08-06-2014 05:36 AM
Are we expecting the CNA to open up?. What the customer wants is when they connect to the guest SSID, a browser automatically opens up and (providing they have a DNS resolvable address as a home page) get redirected to Clearpass. If we have the whitelist set they are not redirected - If we allow to the 173..x.x.x subnet as an ACL in the pre-auth role they do get redirected.
BTY I am working with Pete on this.
08-06-2014 09:03 AM
i see you what you mean about the CNA coming up and it does on our controller sites.
However on our Instant sites it is not coming up.
Have you seen this before?
I read that the CNA comes up if the success.html file is not downloaded from the Apple websites.
So i am a bit confused.