last person joined: 7 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CPPM - Android Install QuickConnect

Jump to Best Answer
  • 1.  CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 11:04 AM



    We Onboard mobile devices such as Android phones/tablets, Apple phones/tablets, etc.

    For Android there is the prerequisite that the QuickConnect app be installed prior to actually starting the Onboard process.


    Our Onboard setup uses an 'open' SSID which redirects to a captive portal. From this portal the user can select a link to start the Onboard process (We use this portal for a couple of other things as well). Once the Onboard process is completed they connect to a secure SSID.


    If QuickConnect is not already installed on the device then it must be installed. On Android phones this probably won't be a problem because they can just disconnect and use their phones data plan to download the app. For tablets though this could be a problem. When connected to the 'open' SSID there is no Internet connection due to the user role. So using this SSID to download the app isn't possible because when you try and go to the Play store to get the app you get the error "No Connection".


    I was just wondering what are the possibilities to get around this? Without opening up the Internet completely. The initial role is restricted to pretty much our Captive Portal and that is it. We would like to keep it that way if at all possible. But we do need to provide an easy way to install the QuickConnect app if it is not already installed.


    Any suggestions would be greatly appreciated.


    Thank you

  • 2.  RE: CPPM - Android Install QuickConnect
    Best Answer

    Posted Aug 09, 2013 11:08 AM

    If your controller is setup to do DNS lookups, you can simply allow web traffic to in your captive portal role.


    We also allow access to and due to the use of Google Fonts and other scripts on our captive portal and Single Sign On pages.






  • 3.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 11:24 AM

    Sorry I hadn't refreshed the page before I posted this. I will see if I can find those settings.

    Thank you!


    Hey cappalli,


    Sorry for asking this as I think I should know this already...but

    How do you set the controller up to do DNS lookups? Where would I go either from the command line or GUI to setup/check this configuration.


    I am going through the ArubaOS doc now but most of the DNS stuff is related to the provisioning of the AP's


    Thank you for the response!



  • 4.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 11:32 AM

    Simply issue ip domain lookup the cli.

  • 5.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 11:35 AM

    Just did my first test and it worked like a champ!

    @cappalli thank you for your assistance!


    Wow this is great!


    Thank you @cappalli for your assistance.


    I will begin my testing!



  • 6.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 03:16 PM

    Could this same technique be used to deal with the Apple's 'success.htmlbehavior? It disconnects the Apple device from a wireless connection that has a Captive Portal due to the fact that it cannot access the 'success.html' hosted on Apple's website.


    Currently we get around this by 'spoofing' in our DNS.

  • 7.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 03:22 PM
    Correct. You can either allow all of or

    Sent from my BlackBerry Z10

  • 8.  RE: CPPM - Android Install QuickConnect

    Posted Aug 09, 2013 03:41 PM


    I guess the only potential downside is that the users could browser to say '' because it is allowed.

    But that is about it, they won't really be able to do anything else.


    I would assume it would be the same with

    Users could browse there but the side would probably only half work.


    I will have to test more.


    Thank you!