Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Set up a new iPhone via Captive Portal controller Guest Network

This thread has been viewed 1 times

  • 1.  Set up a new iPhone via Captive Portal controller Guest Network

    Posted Aug 01, 2017 11:40 AM

    Hi Community,

     

    We have clients with new iPhones and want them to be able to restore from iCloud Backup via our guest network, this is captive portal based.  When you set up an IOS device from scratch you can't access the captive portal...

     

    Has anyone had a similar situation and solved it?  Is there a way of accessing iCloud backups in a preauth role?  We basically want to be able to access apple servers etc without completely breaking the firewall rules!

     

    We're using AOS 6.4.4.10 and CPPM for authentication.

    any suggestions welcome!



  • 2.  RE: Set up a new iPhone via Captive Portal controller Guest Network

    EMPLOYEE
    Posted Aug 01, 2017 12:58 PM

    You might as well just give them provisional full access. Trying to track down all the URLs used for Apple, Google and Microsoft device provisioning will take forever and they change often.



  • 3.  RE: Set up a new iPhone via Captive Portal controller Guest Network

    Posted Aug 02, 2017 04:57 AM

    so have an allow all in the preauth role?  Or is there another way of giving provisional full access?



  • 4.  RE: Set up a new iPhone via Captive Portal controller Guest Network
    Best Answer

    EMPLOYEE
    Posted Aug 02, 2017 05:19 AM

    You would have to do an allow all, unless you want to track down all the ports and hosts that you would need to allow in the preauth role.  No, there is not another way of giving provisional access...



  • 5.  RE: Set up a new iPhone via Captive Portal controller Guest Network

    EMPLOYEE
    Posted Aug 02, 2017 09:54 AM

    If you are using ClearPass, you can add advanced policy using session restrictions.