Wireless Access

Hi all,

 

I've just recently setup a basic Captive Portal guest solution using instant and clearpass. 

 

This setup has just a T&C acceptance so using embedded username in form.

 

To keep it simple i've just deployed with HTTP and on certificates. 

 

Redirect from IAP uses IP address and port 80 with no HTTPS. 

ClearPass redirect from login page uses HTTP to securelogin.hpe.com.

 

when the user on an android device first gets redirected ot the login page (grom the gstatic check URL) a popup error shows SSL trust errors. 

 

The exact message escapes me right now. I'm going back to site on monday to do some proper analysis but before i do thought i'd throw it out there to see if anybody else is seeing this problem.

 

android 8.0.0 

Instant 6.5.4.5

ClearPass 6.7.2

 

Scott

If you see a certificate warning on gstatic, you probably need to deny traffic to HTTPS sites while in the captive portal role.

 

Check out this page for some background.

So it seems some captive portal detection methods now use HTTPS and still throw up errors when redirecting to a HTTP site.

In the end I just deployed trusted certificates and it worked fine. So much for keeping it simple! Although it is good to see vendors are properly redirecting their captive network popups now without errors.

Scott

Scottdoorey,

 

For the community's sake, can you please state what CA and what method you used to deploy the trusted certificate?