Security

Hi,

I am looking for some guidance. I have a IAP305 deployment with no mobility controller. The six 305 AP's negociate a VC which talks back to our central Airwave application and downloads a config template. The template defines a guest SSID with captive portal which shold hand the radius request back to a central Radius server.

When a client connects, they receive an DHCP IP from the local firewall which acts as a gateway/hdcp server (show clients command on AP) but the captive portal page does not load for the client

I have a number of networks where the firewall is replaced with a router and the AP's are 205's and it works fine. I suspect the template being downloaded but the config looks simple and i cannot see any error.

The AP's has seperate vlans back to the firewall for management and SSID's.

Can someone please advise (If the AP's mgmt is in vlan 100 and the client receives an IP in vlan 110 (SSID A) how the AP can then download a portal page? What are the machanics of the particular step that is failing?

SSID's without captive portal work fine.

many thanks

Hi, have you loaded a public certificate to use for the SSL intercept? without a public certificate loaded onto the AP's you will have problems with the HTTPS redirect.

When a client connects, they receive an DHCP IP from the local firewall which acts as a gateway/hdcp server (show clients command on AP) but the captive portal page does not load for the client

Also make sure your client has a valid and working DNS server. The VC will need to be able to see the DNS Reply from the initial DNS query in order to re-direct the client to the Captive Portal.