Controller Based WLANs

Why does guest users connecting to captive portal SSID get unsecured login page with http in the URL?

by on ‎06-30-2014 03:33 PM

Question: Why does guest users connecting to captive portal SSID get unsecured login page with http in the URL?

Environment: This article applies to Aruba Mobility controllers running ArubaOS version.

 

Captive portal is one of the methods of authentication supported by ArubaOS. User connecting to captive portal enabled SSID, is presented with a web page that requires user action before network access is granted. It includes user ID and password which must be validated against a database of authorized users.

 

By default, ArubaOS uses HTTPS for captive portal login page inorder to secure the user credentials that go across during authentication process. But, if "User HTTP for Authentication" is enabled in captive portal profile, controller is forced to present unsecured http login page to guest users.

 

Following figure shows GUI and CLI images with the "User HTTP for Authentication" highlighted:

 

 

 

 

 

 

 

 

 

 

 

 

 

rtaImage2.jpg

 

Following image list out the command to disable "Use HTTP for Authentication" from Command Line:

 

rtaImage3.jpg

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.