Security

Reply
Highlighted
New Contributor

Re: Apple iOS 11 Devices fail to access (Captive) Portal

Thanks Tim.  Truthfully I'm new to the Arubas and not wholly sure how our default captive portal works; we have 'Users for Internal Server' set up with usernames and passwords, folks use them to connect (only the iOS 11 folks no longer can).

They are always prompted as to whether or not they want to trust the certificate; they say yes, enter their password, and it fails.  This is still happening after installing the custom public CA-signed SSL, so I've definitely done something wrong.  Can you clarify about the DNS entry, please?

Guru Elite

Re: Apple iOS 11 Devices fail to access (Captive) Portal

To clarify, is this captive portal or 802.1X?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
New Contributor

Re: Apple iOS 11 Devices fail to access (Captive) Portal

I am not 100% sure how to tell.  I assumed from my investigations that this iOS11 issue was a captive portal issue, especially after going into the 'Security' settings and noticing that we HAD one (called 'default').

 

According to the settings for the wireless SSID in question...

1) WLAN Settings
Primary usage: Employee

2) VLAN
Client IP assignment: Network assigned
Client VLAN assignment: Default

3) Security
Key management: WPA-2 Enterprise
Authentication Server 1: InternalServer
Rauth interval: 0 hrs
There are a bunch of unchecked boxes. There is the 'default certificate' for the internal service and an 'upload certificate' button where I could, I realize now, upload my new certificate?
None of the 802.11 boxes are checked

4) Access
Unrestricted

 

Is that enough for you to go on?  If you need more information, please let me know.  Thank you so much for helping me with this, I really appreciate it!!

Guru Elite

Re: Apple iOS 11 Devices fail to access (Captive) Portal

Looks like you're using 802.1X

Couple of things:


1. You should be using an external RADIUS server
2. The default certificate should never be used

It's best if you open a TAC case.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
New Contributor

Re: Apple iOS 11 Devices fail to access (Captive) Portal

I'm not surprised to hear that the setup on this is very out of date.  What is the proper method for me to open a TAC case, should I just call in?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: