We have a guest SSID that requires users to accept the terms of use before accessing the internet. They receive public DNS servers 8.8.8.8 and 8.8.4.4. We are also using clearpass for captive portal. This is my issue:
1. User connects to GUEST SSIDE
2. User trys to load a webpage, and gets re-directed to captive portal (we have a wildcard cert installed in clearpass so this connection is https and secure/trusted)
3. User accepts terms and clicks "login"
4. Redirect to "securelogin.domain.com" shows page cannot be displayed / DNS error.
5. We are using IAP205s in our network. No controllers.. just virtual ones.
6. Airwave version 8.2.2.1
During my research, I have done the following:
1. Installed wildcard cert within Airwave (PEM) to be pushed to IAP VC
(the CN of this cert if "*.domain.com"
2. Verified the VC has the correct wildcard cert with the AP commands
3. Changed the "address" field in clearpass guest to "securelogin.domain.com" (from the old securelogin.arubanetworks.com)
4. If I installed a private cert with a CN of "securelogin.domain.com" the redirect works but we get the error / untrusted message and need to trust the cert (which is expected"
5. I have updated the IAPs to the latestest "Early" release ArubaInstant_Taurus_6.5.0.0-4.3.0.1_57133 which supposetly allowed wildcard certs.
My only other thought is to purchase a public cert (not a wild card) and test.
I have been on the phone with Aruba and we can't figure it out.
Any help would be much appreciated.