Please work with TAC, I heard some more issues with Apple devices recently, so they may know what is going on.
In access tracker, do you see the actual authentication happen (controller authenticating to ClearPass)? Does that process differ between these IOS devices and a Windows or Android that does work?
The issue feels like a certificate problem, more specific the captive-portal certificate installed on the controllers. Is that from a well-known public CA? Has the certificate been correctly 'chained' with intermediate CAs, before importing it into the controller?
You mention that it only happens on locations with AOS8 controllers. Do you have other locations where the portal authentication does work? What type of equipment is used in those locations?
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Aug 15, 2024 01:27 PM
From: parentch
Subject: Captive Portal issues for Apple iOS devices.
Hi Everyone,
I'm suspecting this is an issue with Apple devices themselves. But the last few days, we had a large number of users report that they cannot accept the "Terms of Use" captive portal page on our Guest Network. The page appears, but when the user clicks "Log in".. they get dumped back to the login screen. (See attached video). This works fine with Android and Windows devices. (And worked fine with apple devices before).
These are the symptoms:
- Only impacting Apple iOS devices. Possibly newer and updated devices? Still trying to find a correlation.
- Only impacting locations that have AOS 8 based controllers.
- Not impacting sites that have centrally managed access points.
- Tested with multiple windows PCs, multiple Android devices. No issues.
- No changes were made that we know of that would cause this.
I currently have a rule in ClearPass that is bypassing the captive portal page for Apple iOS. Wondering if you have seen this? Anyone have any thoughts?