Wireless Access

Reply
MVP
Posts: 105
Registered: ‎01-27-2016

CPPM - Captive Portal - Controller Cert - Android issue?

I have Clearpass configured for Captive Portal Guest Registration. I am using Aruba Mobility Controller with L3 Cap Port profile for redirect using HTTPS. The controllers have Certificates configured for Management. I can authenticate through the Portal Page without issue but when the browser redirects to the URL of my Controller,

 

On the Guest registration page have replaced the default securelogin.arubanettworks.com with the name of the controller as configured in both DNS and within the Certificate. 

 

When I connect (android), I see that the browser initially wants to send me to a www.google.com/Gen_204 page. After I succesfully authenticate, I get a warning "The network you're trying to join has security issues". The URL is the URL of my controller using HTTPS (I get the exact same error is I leave securelogin.arubenetworks.com in place). I can click "Continue Anyway via Browser" and then the Gen_204 page is displayed which doesnt seem to be a real page. 

 

I can try to navigate to another website and I am returned to the Captive Portal. This time however, I can authenticate and everything works!! After a few seconds I am redirect to the site I tried to manually navigate to. 

 

Client is getting proper IP. Iyt can resolve the DNS name of the Controller as configured in CPPM and the Certificate.

 

Not sure where to take this....

 

 

Guru Elite
Posts: 8,320
Registered: ‎09-08-2010

Re: CPPM - Captive Portal - Controller Cert - Android issue?

Did you replace the controller certficicate with a publicly signed certificate for your domain?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 105
Registered: ‎01-27-2016

Re: CPPM - Captive Portal - Controller Cert - Android issue?

Yes, GoDaddy public Cert. Navigating directly to the controller URL via HTTPS work properly. 

 

I am not certain this is a Cert/Name issue but it seems like it. 

 

 

Frequent Contributor II
Posts: 113
Registered: ‎05-31-2015

Re: CPPM - Captive Portal - Controller Cert - Android issue?

Under Management>General you also need to upload this certificate to the "Captive Portal Certificate" function which is what your guests are using.

MVP
Posts: 105
Registered: ‎01-27-2016

Re: CPPM - Captive Portal - Controller Cert - Android issue?

I am using Clearpass Captive portal. Not the controllers captive portal. I will give it a shot though but I did not realize that was in play.

Get Outlook for Android
MVP
Posts: 105
Registered: ‎01-27-2016

Re: CPPM - Captive Portal - Controller Cert - Android issue?

Well, I am put this through my lab this morning and it all works properly.. as it should. I will compare settings very closely with client. 

 

For whatever reason, I did not need to update the clearpass securelogin.arubanetworks.com with the Public Cert CN that is applied to the controller. I left it to the default. Wierd. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: