Our campus recently migrated to OpenDNS (paid subscription). Immediately after doing so it essentially broke our captive portal "UMASS" ssid. When we reverted back to our campus DNS servers everything worked once again.
We initially suspected the issue to be with the CP redirect URL, which does not typically resolve because it is local to the controllers. But captive portal should not get to "external" DNS, right? Isn't the mswitch magic essentially a DNS spoof; an internal DNS redirect to the captive portal page on the controller? Why would OpenDNS play a role here?
OpenDNS addresses are not configured on the controllers. Should they be? I don;t believe our campus DNS servers are configured on them either.
We received reports that non-iOS devices were affected as well. Still, some device worked. (cached DNS?).
We also wondered if Apple changed their CNA IPs and we tried to punch explicit holes but after reverting back to our campus DNS and things worked this did not seem to be the issue after all.
We also discovered that if we put the controller's IP in place of the CP URL it works.
Thoughts?
Mike