Frequent Contributor II

Cisco WLC

Anyone doing mac-auth with an open SSID on a CiSCO WLC with a captive portal on Mac failure. We have a Cisco WLC.

We can get mac-auth working and authentication with the local web auth service but when we combine both so we have mac filter with a web policy on Mac failure. It doesn't work well on iOS devices. Windows pcs work okay but iPads and iPhones are not user friendly.

All works well on aruba controller.

Aruba Employee

Re: Cisco WLC

IOS devices behave differently for the captive portal authentication after you upgrade to IOS 6.0.  they will try communicating to and will expect a message "success" over html. 


MY 2 cents :)


But if its something thats not working in Cisco WLC, i recomend to contact CISCO tac. 


Vinod Kumaar AVM ACMX, ACDX
Principal Network Engineer
Customer Advocacy | Aruba Networks Inc.

Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.
Frequent Contributor I

Re: Cisco WLC

I sent you a PM but thought I'd post here for others as well.


vkumaar is correct, they try to do a lookup on, but I'm blocking Web Traffic to anything except my CP-Guest Server, so I believe its simply a DNS lookup and ICMP response to the clients.  You can do a couple things, you can add an IP Address for Apple's Website into your Pre-Authentication ACL, or, My suggestion, would be to add the following lines to the same ACL:




Doing this took care of all my Captive Portal Apple issues. 

I know, with the old Amigopod, you could add a "/landing.php?/" to the front of your registration page link, and it would Bypass the Apple portion of the captive portal.  I have not tried it lately so I do not know if that is still being used with the newer versions of Clearpass Guest.  When I move to Clearpass 6.2 in the coming months, I might look at it again.  Any developers know for sure if this still is the case with CP 6.2 and up?

Search Airheads
Showing results for 
Search instead for 
Did you mean: