According to the file settings, the jump page is still on CNA. If it is not finished, open another browser.
Original Message:
Sent: Mar 19, 2024 03:00 AM
From: scottdoorey
Subject: ClearPass Captive Portal and Social Login MFA with iOS Devices
A solution has snuck into the clearpass docs portal!
https://support.hpe.com/hpesc/public/docDisplay?docId=a00134332en_us
Original Message:
Sent: Feb 23, 2024 11:54 AM
From: rajeronimo
Subject: ClearPass Captive Portal and Social Login MFA with iOS Devices
Hi, Alex. Still without any solution?
We follow with the implementation of MFA by policies and not per user, in the Azure, where it's possible apply restrictions that can make the application of the captive portal doesn´t require a MFA.
Original Message:
Sent: Jun 25, 2020 07:32 PM
From: AlexMcDonald
Subject: ClearPass Captive Portal and Social Login MFA with iOS Devices
Hi Airheads,
We are currently using Clearpass Guess Self-Registration with Social Logins (Microsoft Azure AD) which is working fine however running into the following issue when it comes to MFA (Azure AD MFA during the Social Login process) using iOS devices (iPhone and iPads).
Issue 1: Disable CNA Option
- User connects to WiFi
- Apples Captive Network Assistant brings up the Captive Portal (Clearpass)
- User select Microsoft Azure AD social login
- User enters credentials
- User prompted for MFA Challenge (This is from AzureAD)
- User switches to SMS App or Authenticator app to retrieve code - This action closes the Apple Captive Network Assistant and user cannot proceed as Apple CNA starts again and repeats the above loop without success
Issue 2: Enable CNA Option
- User Connects to WiFi
- iPad/iPhone does not auto launch browser to captive portal
- User tries to open Safari App, not redirected to captive portal
- User can however type the URL to the ClearPass Guest Captive Portal and proceed successfully and authenticate using Microsoft Azure AD social login + MFA
Note: If the user has Google Chrome App installed on iPad/iPhone they are redirected to our Clearpass Captive Portal automically (not sure if this is a Safari issue or Apple device limitation)
Has anyone had any success in moving past this? I assume the same issues above would happen using say the social login for Facebook or gmail if the user had MFA enabled on their respective accounts?
Any Assistance or advise would be greatly appreciated