Client redirect issue with Guest and IAP
10-14-2019 04:11 PM
Hi all, looking for some help on a problem we have encounterd. We are using the IAP's in our remote offices and we are providing a Guest SSID. Our guest clients connect to the SSID and redirect as configured on the IAP to the CPPM server's login page. After credentails are entered CPPM sends the creds to the IAP as an HTTPS post and the IAP then send a RADIUS request to CPPM. In access tracker we see the RADIUS reqeust is successful, and a role assigned to the session. On the IAP we see the user is in the guest role that we defined. But then, the wheels come off. The client then is redirected in the browser to the IAP-VC's DNS name. The IAP answers the DNS request of this redirect to a 172.31.98.1 address. Does anyone have any idea why? Or where the redirect to the client is coming from? After a successful auth I would expect the client to then redirect to a page we define, or since we define no page, continue on to the original Internet site. Unfortuantly, the cert on the IAP is a internal signed CA cert, that is trusted for the communications between the IAP and CPPM, but not our 3rd party guests. So a cert error is encountered and this is not desirable. Before we purchase 3rd party certs for each remote IAP-VC, we would like to understand why that redirect is even coming into play. Please advise and thanks for your help!