Wireless Access

Hallo,

i'm trying since a viwe days to integrate my external captivportal. When ther is an http request ther is no big problem, but if an ther is an https requst incomming the controller cant rederect it to my captive portal. I tryed to directly send the https requests to my captive portal but ther comes an certificate problem. Is ther any chance to solve this problem by installing a CA trusted certificate at my webserver or did it work in a other way?

best greets,

Max

Do you see an error of some sorts? Is the cert currently on the controller/captive portal a sign signed cert and not trusted by a Public CA?

Ther is no certificat on the controler and i want the controller rederect the incomming request to my external captivportal thats on an web-server. The Webserver has an self signed certificat. If i try it either the controller says "404 Captive Portal Not find ECP config" if only port rederect or the browser sys ther is my certificate is not the certificate of the requested page.

In the first instance it sounds like the re-direct is not occurring successfully. I assume you have the correct user roles (redirect), Captive Portal (CP location) profiles and etc all set up correctly?

Take a look at the below to confirm your configuration is correct.

http://www.arubanetworks.com/techdocs/ArubaOS_64x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Captive_Portal/Captive_Portal.htm%3FTocPath%3DCaptive%2520Portal%2520Authentication%7C_____0

As a test are you able to browse to the Captive Portal from the client VLAN when attached to the wired network? You should still at least see your self-signed cert on the server if that is set up correctly.

The captive portal profile works as long as i do Http requests and i come to my captive portal. The authentication work fine also but the controller cant rederect an https request directly. So i've make some rules that directly rederect https requests to my webserver but ther comes the certificate Problem. If i activate the https on my webserver the controller can't contect him too.

Can you post a screenshot showing the failure?

Thank you for the fast support but i can't reproduct the issues. It seams the browser version of my testing objekt is to old. If others have similar problems an browserupdate could help.

the problem was this:

After solving my problem ther comes a new problem ... The authentication of the captiv portal to the accesspoint dont work anymore. the browser cant solve the URL "https://securelogin.arubanetworks.com/swarm.cgi" is ther en error in the URL?

If you replaced the HTTPS certificate in your IAP cluster, you should refer to the name in your certificate. So if your certificate is for login.yourcompany.com, the link in your login page should be:

https://login.yourcompany.com/swarm.cgi

In case you have a wildcard certificate, use captiveportal-login.yourcompany.com (click for link). 

Only if you are connected via the Wireless, and you are in the captive portal, the Instant AP will respond with its own IP on DNS queries for the name in your certificate. So you don't need to have it in DNS.

Hello,
can you share your experience with 404 error?

Thank you in advance.

Hi,

I've solved it with an http request. The 404 hapens if you try to reach the Captive Portal over port 443 and HTTPS is used. you should send the request over port 80 and deaktivate HTTPS from the IAP. But do an HTTPS redirect on your WEB-server.

best greats Max