Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

whitelisting of Apple devices

This thread has been viewed 5 times

  • 1.  whitelisting of Apple devices

    Posted Aug 06, 2014 03:38 AM

    i was just wondering if my whitelist for smart devices is up to date.

    We are getting Apple devices trying to get to sites that dont appear in

    my current whitelist.

    Any ideas Airheads?

    cheers

    Pete

    p.s. current walled garden contents

     

    wlan walled-garden

      white-list ".akamaiedge.net"

      white-list ".apple.com"

      white-list ".apple.com.edgekey.net"

      white-list ".ggpht.com"

      white-list "www.airport.us"

      white-list "www.akamaitechnologies.com"

      white-list "www.appleiphonecell.com"

      white-list "www.ibook.info"

      white-list “www.itools.info

      white-list www.thinkdifferent.us

      white-list “.whois.arin.net”

     



  • 2.  RE: whitelisting of Apple devices

    EMPLOYEE
    Posted Aug 06, 2014 08:08 AM
    What are you trying to accomplish? I don't do any white lists other than OCSP.


  • 3.  RE: whitelisting of Apple devices

    Posted Aug 06, 2014 08:19 AM

    Hi Tim,

    thanks for getting back.

    We have an Instant cluster and we are pushing guest to Clearpass.

    The smart devices Apple Android etc. like to contact their respective websites for verification.

    So i have enabled automatic whitelisting of url's and entered the above whitelist which appears in the walled garden.

    Howvever the Instants are not allowing any devices on to the system and i can see Apple iphones trying to

    talk to 173.0.0.0 addresses but getting denied.

    I have put an allow in to these in the pre-auth role addresses and it works but i was hoping to use domain names

    from the whitelist (ip addresses can change!!)

    any ideas?

    cheers

    Pete

     



  • 4.  RE: whitelisting of Apple devices

    EMPLOYEE
    Posted Aug 06, 2014 08:21 AM
    Is the captive portal not working currently? You shouldn't have to allow those anymore. It's actually best to not allow all of Apple so the captive network assistant appears for guest registration.


  • 5.  RE: whitelisting of Apple devices

    Posted Aug 06, 2014 08:36 AM

    Are we expecting the CNA to open up?. What the customer wants is when they connect to the guest SSID, a browser automatically opens up and (providing they have a DNS resolvable address as a home page) get redirected to Clearpass. If we have the whitelist set they are not redirected - If we allow to the 173..x.x.x subnet as an ACL in the pre-auth role they do get redirected.

    BTY I am working with Pete on this.



  • 6.  RE: whitelisting of Apple devices

    Posted Aug 06, 2014 12:03 PM

    Tim,

    i see you what you mean about the CNA coming up and it does on our controller sites.

    However on our Instant sites it is not coming up.

     

    Have you seen this before?

     

    I read that the CNA comes up if the success.html file is not downloaded from the Apple websites.

    So i am a bit confused.

    cheers

    Pete

     



  • 7.  RE: whitelisting of Apple devices

    Posted Sep 09, 2014 01:25 AM

    i have put these url in my controller still m facing problem . when apple user try to connect wifi that time getting error.so please suggest me more url 's .