Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Cannot use http for Guest Captive Portal with Clearpass and IAP

  • 1.  Cannot use http for Guest Captive Portal with Clearpass and IAP

    Posted Sep 23, 2016 05:10 AM

    Hi community,

     

    I want to use Instant and Clearpass with an http captive portal. In the Instant captive portal profile I use port 80 and disabled use https, in Clearpass under Guest Authentication I unchecked the field Require HTTPS for guest access. But the IAP cannot redirect to the captive portal, error 404. When I use https port 443 instead everything works fine, but I have the certificate issue.

    The customer wants to use http, what must I do to use http not https?

     

    Thanks

     



  • 2.  RE: Cannot use http for Guest Captive Portal with Clearpass and IAP

    MVP EXPERT
    Posted Sep 23, 2016 06:25 AM

    Hey, just so I've understood this correctly: the Captive Portal is not being displayed when using http. You see a cert/https error, what is the error that you see? Can you confirm if the client also has a working DNS server and has the correct ACLs to permit the DNS/http access to the Captive Portal?

     

    Thanks



  • 3.  RE: Cannot use http for Guest Captive Portal with Clearpass and IAP

    Posted Sep 23, 2016 08:54 AM

    Hi,

    Yes, you are right. When I use http, the captive portal is not displayed. The DNS server for this network is a public DNS like 8.8.8.8... http is allowed to the clearpass-server. The ACLs on the Instant for the preauth role are allow http to clearpass and allow https to clearpass.

     

    I changed it to https and the captive portal is displayed, but we have no public cert at the moment for the clearpass server so our guests will have the cert error in the browser...

     

    thanks



  • 4.  RE: Cannot use http for Guest Captive Portal with Clearpass and IAP

    EMPLOYEE
    Posted Sep 30, 2016 09:38 AM

    For testing, can you keep the https redirect and once landed remove the 's' in the URL bar and see if you get anywhere?  I do http testing myself at times though not via an IAP.  Cannot imagine it cares as it should be easier on it.  Do double check your ACL.