I've gotten some tickets from users who are attempting to access our captive portal SSID, and when the CP redirect occurs they are sent to https://www.google.com. When this happens, they get a cert error and cannot proceed to the logon page unless they attempt to go to an http page instead. It appears that Google Chrome has removed the ability to set a homepage manually in version 51.0.2704.81. It seems in this new version the default page when opening a new tab is https://www.google.com or a blank page showing your most recent/viewed pages.
I see there is an option under the Authentication -> L3 Authentication -> Captive Portal section called "Use HTTP for authentication".
I am wondering if enabling this feature would solve the above scenario. Short of telling users to use a different browser, that is.
You could do that, but guest credentials will be sent in the clear.
One thing you can try is to create a redirect page inside ClearPass that redirects to your self-reg/weblogin.
Point the controller to that initial redirect page using HTTP.
Well the guest credentials are simply their email address with no validation. So I'm not sure if that is a huge security concern. If enabling this feature would bypass the redirection to https://www.google.com than we may go ahead and do that.
You are not redirected to www.google.com; www.google.com is redirected to your captive portal and that is causing the warning.
Check this blog post for the why and how; and some suggestions for a workaround.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.