Are you able to browse to the Captive Portal site with the CPPM host IP instead of FQDN?
What does you Enforcement Profile look like? If DNS is being blocked, the Cisco 9800 or Upstream firewall would be enforcing those rules.
------------------------------
If my post was useful, please Accept Solution and Give Kudos.
------------------------------
Zak Chalupka
Principal Engineer - HPE Aruba
ACDX | ACMP | ACSP | ACCP
wifizak@hpe.com------------------------------
Ideas expressed here are solely my own and not necessarily that of HPE Aruba.
------------------------------
Original Message:
Sent: Feb 28, 2024 04:42 PM
From: bob.akers
Subject: Windows not redirecting to portal
I have recently setup Guest Authentication with MAC caching on Clearpass to work with Cisco 9800 wireless controllers. (Quite a dev process).
When users connect to the guest network, Clearpass checks to see if their mac address is "Known" in the Endpoints Repository. If it is not known then the default Enforcement Profile gives them the ACL and Redirection URL to a ClearPass Portal.
Most devices are working up to this point and redirect correctly. But Windows laptops are not.
Windows gets an IP address and the correct DNS servers, etc. But, they CANNOT resolve URLs.
Again, all other devices are working and DNS works properly, its just Windows laptops.
Because they cannot resolve DNS, they cannot get to the portal.
We are using enterprise openDNS servers with Cisco Umbrella for wireless users.
Has anyone seen something like this before? And, were you able to resolve it?
Does anyone have something to try, because I am out of ideas.
Thanks!
Bob