If both:
- connect to SSID, no automatic redirect
- connected to SSID, open browser, enter URL like:
http://1.2.3.4, you get redirected to the captive portal (and don't see a certificate warning)
[ please confirm this is the case ]
I think the issue still is with the certificate. It should be publicly trusted, and it may be that a private CA certificate is rejected by the Windows 10 captive popup. What you could do, is run a Wireshark packet capture while connecting to the SSID. The client should connect first on http to
www.msftconnecttest.com (or similar), which should be redirected by the controller, then you should see an https connection to your controller/captive portal, and the popup should appear. Can you check if you see that traffic?
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Nov 27, 2021 01:40 AM
From: Mahmoud Nagah
Subject: Internal Captive portal page not popping up
Hi Herman,
I've tried to generate AD Certificate (with controller name as Common Name and add DNS record for it, clients can resolve it), imported the certificate and AD CA into controller, and imported the CA to my windows 10 but still popup not working, I have to open a browser manually and write any ip to direct me to CP page.
------------------------------
Mahmoud Nagah
Original Message:
Sent: Nov 22, 2021 10:18 AM
From: Herman Robers
Subject: Internal Captive portal page not popping up
To answer the question if a public trusted certificate is required for captive portal on a controller: Yes.
It can be that the device that you test with will not show the page because the certificate is not trusted. You can't run the captiveportal 'on an IP' as you will not be able to get a certificate for an IP, just DNS. Note you can get a certificate for a public IP, but it is very uncommon and I don't think the controller can handle that scenario.
In my experience, if you don't get it working at once, it may be best to work with your Aruba partner or Aruba TAC to go step-by-step through the scenario of redirects and login. It will work much more efficiently if someone can have a look together with you, versus asking questions here and hoping that someone has the right answer based on the limited information.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
Original Message:
Sent: Nov 22, 2021 01:42 AM
From: Mahmoud Nagah
Subject: Internal Captive portal page not popping up
OK, DNS rule is already exist in the role and the client is able to resolve DNS through it, I've connected to SSID the tried to ping FQDN and it is successfully pinging, but still popup not working, I have to go to the Captive portal page manually.
I've tried to use the (ip cp redirect command in the controller with Guest VLAN IP in the controller) but still the same.
------------------------------
Mahmoud Nagah
Original Message:
Sent: Nov 21, 2021 06:22 PM
From: Colin Joseph
Subject: Internal Captive portal page not popping up
DNS is essential, yes.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Nov 21, 2021 05:09 PM
From: Mahmoud Nagah
Subject: Internal Captive portal page not popping up
Hi cjoseph,
Thanks for your reply, I've added these rules inside different policy and put this policy under captive portal policy, so CP policy priority is higher than the policy I've created, anyway I'll remove it.
shall I add resolvable DNS? I'm not using FQDN anymore, it's all about IPs
------------------------------
Mahmoud Nagah
Original Message:
Sent: Nov 21, 2021 04:46 PM
From: Colin Joseph
Subject: Internal Captive portal page not popping up
Adding http and https will guarantee the captive portal will not pop up, because it will bypass the captive portal.
The client specifically needs to be able to resolve DNS in the initial role and have the captive portal ACL.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Nov 21, 2021 02:43 PM
From: Mahmoud Nagah
Subject: Internal Captive portal page not popping up
Hi all
I've a case while I need to create Internal Captive portal, I've used the ready template inside the controller but the page is not popping up.
I can find the captive portal manually by typing any IP address in the browser.
I've added new rules for the initial rule to allow http and https for any any, but pop up still not working.
I don't know if I should add certificate to the controller or doesn't matter?
Appreciate your support.
------------------------------
Mahmoud Nagah
------------------------------