Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

IAP: Client cannot login to Guest-Wifi through external CP

This thread has been viewed 2 times

  • 1.  IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 08:26 AM

    Hi,

     

    I`m running a few iap225 with an external captive portal for the guest wifi. I`ve build a linux apache webserver with the external captive-portal html-page and configured the external captive portal on the aruba. When i connect to the guest-wifi, it opens the browser and displays the cp-page. But after clicking the Login-Button it reloads that cp-page and thats all.

    The source-code of that page looks like:

    <form method="POST" action="https://cp.host.tld/swarm.cgi">
<input type="hidden" name="cmd" value="authenticate" />
<input type="hidden" name="user" id="user" value="guest"><br>
<input type="hidden" name="password" id="password" value="guest">
<BR><input type="submit" name="Login" value="Login" class="button" />
</form>

    Is there an error in the cp-page?

     

    Is there any posibillity to debug the logon-process?



  • 2.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 08:45 AM

    I'd recommend having a look at this blog post by Florian Baaske.

     

    In fact, I'd recommend subscribing! Very good blog. 



  • 3.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 08:49 AM

    I`ve already had a look at that page and build my cp-page exactly like described there :(



  • 4.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 08:54 AM
    Ah ok. :)

    Is this "cp.host.tld" your DNS name on your certificate on your Instants?


  • 5.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 08:59 AM
    @jrwhitehead wrote:

    Is this "cp.host.tld" your DNS name on your certificate on your Instants?

    thats correct. I`ve installed a wildcard-ssl-certificate for our domain on the aruba iap.



  • 6.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 09:35 AM

    I see. That could be the problem.

     

     

    Have a look at this: http://www.airheads.eu/t5/Controller-less-WLANs/Does-IAP-support-wildcard-certificate-for-captive-portal/ta-p/292431



  • 7.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 09:45 AM

    I´m running version 6.4.4.8-4.2.4.6_58505 and regarding the release-notes that should work:

    Wildcard Server Certificate Support for Captive Portal
Instant 6.4.4.8-4.2.4.4 now supports the wildcard server certificate for captive portal authentication.

    http://support.arubanetworks.com/LifetimeWarrantySoftware/tabid/121/DMXModule/661/Command/Core_Download/Default.aspx?EntryId=24688



  • 8.  RE: IAP: Client cannot login to Guest-Wifi through external CP
    Best Answer

    Posted Apr 05, 2017 09:47 AM

    That's good.This is the bit that's important:

     

    When a wildcard SSL certificate (with CN as *.domainname.com) is installed on the IAP for captive portal authentication, IAP uses the URL as "captiveportal-login.domainname.com" to present the captive portal page. 

     

    Therefore the following should read:

     

    <form method="POST" action="https://captiveportal-login.host.tld/swarm.cgi">

     



  • 9.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 09:56 AM

    Thank you so much, i`m working on that external captive portal thing for weeks and now its working!



  • 10.  RE: IAP: Client cannot login to Guest-Wifi through external CP

    Posted Apr 05, 2017 10:00 AM
    Excellent. Glad to hear it's working. :)