Wireless Access

  • 1.  Datapath flags

    Posted Feb 04, 2019 10:10 AM

    Hello all, 

     

    I'm running into an issue with captive portal authentication, and I've spent many hours with TAC without success, so I am desperate.

     

    Topology: I have a remote controller doing a Layer 2 GRE tunnel to a hub controller with internet presence. There is a CP server in the Priv_DMZ. There are two ESSIDs, one with PSK and the other with captive portal authentication. PSK works great, able to go out to the internet.

     

    Issue: Guest users trying to authenticate using captive portal are being redirected as designed and getting the page, but as soon as you type the credentials they get an error. The error depends on the type of device, for example: iPhone users get "Hostpot login cannot open the page bc it is not connected to the internet", Android devices "The server is not available".

    CP server has no records [event viewer] of anyone trying to authenticate.  Firewall is not blocking traffic, and this morning I noticed the following while looking at the datapath.  This is from the remote CNTL and I do not see the same flags on the hub CNTL. 

    Client_IP_trying to authenticate   CP_Server_Captive_Portal    6    50477 443    0/0     0    0   0   tunnel 17   0    1          64         YCA            

    CP_Server_Captive_Portal    Client_IP_trying to authenticate   6    443   50477  0/0     0    0   0   tunnel 17   0    0          0          YA

     

    What does the Y mean? The flag description is no sync; does it mean it has not received a sync ack from the CP?

     

     

    Thank you in advance for your replies…

     


     



  • 2.  RE: Datapath flags
    Best Answer

    Posted Feb 04, 2019 10:14 AM

    There are quite a few things that can be wrong.

     

    To answer your question, Y means "No Syn", which is expected for UDP, but means one-way traffic for a TCP connection.
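
An added illustration, not part of the original thread and not vendor code: a small Python triage script that parses session rows in the column layout quoted in the question and lists TCP entries carrying the Y flag, grouping both directions of a flow together. The sample rows, IP addresses and function names are constructed for this example, and the column positions are assumed from the two rows in the post.

```python
from collections import namedtuple

# Constructed sample rows, in the column order of the two rows quoted in the thread:
# src dst prot sport dport cntr prio tos age destination tage packets bytes flags
SAMPLE = """\
192.0.2.10   198.51.100.5  6   50477  443    0/0  0  0  0  tunnel 17  0  1   64   YCA
198.51.100.5 192.0.2.10    6   443    50477  0/0  0  0  0  tunnel 17  0  0   0    YA
192.0.2.10   198.51.100.53 17  40112  53     0/0  0  0  0  tunnel 17  0  2   150  YC
192.0.2.11   198.51.100.5  6   50990  443    0/0  0  0  1  tunnel 17  0  12  4096 C
192.0.2.12   198.51.100.5  6   51000  443    0/0  0  0  1  tunnel 17  0  3   180
"""

Session = namedtuple("Session", "src dst proto sport dport packets bytes flags")

def parse_row(line):
    """Parse one session row; return None for headers, separators and blanks."""
    tok = line.split()
    if len(tok) < 12 or not tok[2].isdigit():
        return None
    # The flags column can be empty; when present it is the only alphabetic tail field.
    flags = tok.pop() if tok[-1].isalpha() else ""
    # Index from the end because the destination column may span two tokens.
    return Session(tok[0], tok[1], int(tok[2]), int(tok[3]), int(tok[4]),
                   int(tok[-2]), int(tok[-1]), flags)

def tcp_without_syn(text):
    """TCP (protocol 6) entries flagged Y; Y on UDP is expected and is skipped."""
    rows = filter(None, map(parse_row, text.splitlines()))
    return [s for s in rows if s.proto == 6 and "Y" in s.flags]

def suspect_flows(text):
    """Group flagged entries so forward and reverse rows of one flow sit together."""
    flows = {}
    for s in tcp_without_syn(text):
        key = frozenset([(s.src, s.sport), (s.dst, s.dport)])
        flows.setdefault(key, []).append(s)
    return flows

if __name__ == "__main__":
    for entries in suspect_flows(SAMPLE).values():
        for s in entries:
            print(f"TCP no-SYN: {s.src}:{s.sport} -> {s.dst}:{s.dport} "
                  f"pkts={s.packets} bytes={s.bytes} flags={s.flags}")
```
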