Wireless Access

Reply
MVP
Posts: 112
Registered: ‎01-05-2016

How to disable https for captival portal login page?

Hi, anyone please advise how to disable https for guest login captival portal login page? the controller self-signed certificate already expired.

 

Thanks in advance. 

Guru Elite
Posts: 20,820
Registered: ‎03-29-2007

Re: How to disable https for captival portal login page?

You do it in the Captive Portal authentication Profile:

 

http.png



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 112
Registered: ‎01-05-2016

Re: How to disable https for captival portal login page?

Hi Colin, Thanks for kind reply. We have already tick "http" authentication, but still see the alert message. Please advise what we can try next. 

New Contributor
Posts: 3
Registered: ‎10-07-2016

Re: How to disable https for captival portal login page?

Hi Peter,

 

Colin already gave you the hint. You need to tick "Use HTTP for Authentication" and it is disabled. There must be something different.

 

You changed the "Login Page" Attribute?

What Alert Message?

 

Regards,

Thomas

----------------------------------
ACMA, ACMP, ACCP
Network and IT-Security
Guru Elite
Posts: 20,820
Registered: ‎03-29-2007

Re: How to disable https for captival portal login page?


PeterLee wrote:

Hi Colin, Thanks for kind reply. We have already tick "http" authentication, but still see the alert message. Please advise what we can try next. 


PeterLee, When you see the alert message, what is the URL, http or https?  Did you change it on the correct Captive Portal Authentication profile?  If the user is attempting to open a page that is https, that might be unavoidable..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 447
Registered: ‎11-04-2011

Re: How to disable https for captival portal login page?

The warnings come from invalid HTTPS certificates, as you seem to have found out already.

 

Depending on where in the authentication process the warning comes up, that can be during the original redirect to the captive portal, or for the actual authentication (credentials post to securelogin.arubanetworks.com), there are different solutions.

 

For the first issue, the initial re-direct, please read this blog post: http://community.arubanetworks.com/t5/Technology-Blog/Captive-Portal-why-do-I-get-those-certificate-warnings/ba-p/268921 and follow the suggestions to get rid of that warning.

 

If the warning is when you try to post your credentials, the 'use HTTP' should work as it does not use HTTPS. Please note that if you switch to HTTP the username and password are sent 'in clear' and can be captured if they are on an open SSID.

 

My advice would be to fix your certificates. Check this FAQ: http://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809 on how to get the proper certificate installed. Just if you understand the consequences (username/password sent in the clear), you should move to HTTP authentication.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
MVP
Posts: 112
Registered: ‎01-05-2016

Re: How to disable https for captival portal login page?

Thank you guys for your kind reply. When loading login page, the user will see the security alert (https certificate). Do we need to remove captive portal policy ?

rule: 

source :user  Destination: controller service: https  Action: dst-nat 8081 ...

 

As our wireless network need to be up 24 hrs, we haven't tested it yet. 

Please advise , thanks in advance.

Search Airheads
Showing results for 
Search instead for 
Did you mean: