DNS is not an issue at this point. The device can manually browse to the captive portal URL without issues. We also made sure the intermediate certificate was installed and trusted on the ClearPass cluster.
The CNA window will either error out with that hotspot warning, or only load the background color of the page. It's a strange one....lol
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022-2023
If my post was useful accept solution and/or give kudos
------------------------------
Original Message:
Sent: Sep 25, 2023 11:23 AM
From: shpat
Subject: Apple Captive Portal Issues
Had similar case at two different end customers and there were two ways how it got solved:
- At a certain end customer, DNS was an issue. We had to fix some DNS problems for the Guest clients who were connected to the Guest SSID, and were receiving the DNS from the DHCP Server. This DNS was changed and we had to white-list it on the User-Role ACL.
- Had to Upload the Intermediate Certificate on Clearpass for the signed SSL
------------------------------
Shpat | ACEP | ACMP | ACCP | ACDP |
-Just an Aruba enthusiast and contributor by cases-
Original Message:
Sent: Sep 25, 2023 11:13 AM
From: DB86
Subject: Apple Captive Portal Issues
8.6 on Gateways/Conductors (Need to support older AP models right now), and 8.10 on the ClearPass cluster.
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022-2023
If my post was useful accept solution and/or give kudos
Original Message:
Sent: Sep 25, 2023 10:43 AM
From: cclemmer
Subject: Apple Captive Portal Issues
What version of AOS are you running? Also, what version of ClearPass?
I've recently set this up without issues, so initially suspect something with the configuration. I'm someone concerned about the mention of "hotspot" in the error message, but could just be a false flag.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Sep 25, 2023 10:31 AM
From: DB86
Subject: Apple Captive Portal Issues
Looking for some non-TAC help here. I have been working with TAC for a couple months now, and can not seem to get this issue resolved. Windows/Android/MacOS devices all work fine, and yes we use a public signed certificate, following best practices for iOS devices. The captive portal page is hosted on ClearPass, and we are using a valid/trusted certificate as well. The apple device can launch the captive portal page when navigated to directly in a browser, but not with the CNA. The CNA popup will launch, but we either get a red background (its a color in the galleria skin we are using), or will display the message attached here. We have also tried using just a blank skin for the page, but still the same result. We will be trying DHCP option 114 next, but I'm looking to see if someone has run into this as well and came to a resolution.
Thanks!
------------------------------
Dustin Burns
Lead Mobility Engineer @Worldcom Exchange, Inc.
ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022-2023
If my post was useful accept solution and/or give kudos
------------------------------