• October 30, 2020, 09:54:01 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Captive portal and IOS  (Read 7124 times)

0 Members and 1 Guest are viewing this topic.

Offline jpmenil

  • Rookie
  • **
  • Posts: 14
Captive portal and IOS
« on: August 30, 2013, 09:45:26 AM »
Hi,,
another captive portal question :)

It seems that i can't make captive portal working with apple device.
Once connected to wireless, the client try to navigate, he is redirected, but the request hang.

However, the captive portal is working fine on windows, linux and android devices.

I've read ton of threads on many forums about ios 6 and captive portal issues.

Is it a know issue on RFS6000 too?

Best regards.


Offline mwted

  • Rookie
  • **
  • Posts: 6
Re: Captive portal and IOS
« Reply #1 on: August 30, 2013, 01:45:03 PM »
Apple devices are a nusicance since they have a difficult time dealing with HTTPS pages that do not have third party certificates on them.  What may be happening is if you require the user to login via a captive portal login page and that page is hosted on your switch or some server that does not have a third party certificate loaded on it the iOS device may not allow the user to create an exception to allow the "untrusted" webpage you are redirecting to load.  I saw this with some ipads and ipods but somehow the later iPhones running IOS6 and later seem to allow the redirection and offer an option to accept the untrusted site and navigate to the page.

Options if this is the scenerio are to purchase a third party certificate (Verisign or entrust or someone like that) and load it on the device hosting the cpative portal page or do not use https just http for the login page (which could expose user credentials so not a optimal choice depending on the amount of security your have in your site).  Motorola didn't really explain that well in their captive portal doc but its actually explained pretty well in a cisco doc explaining the best practices on using Apple devices in a wireless enterprise.

Offline Fido

  • Rookie
  • **
  • Posts: 20
Re: Captive portal and IOS
« Reply #2 on: September 01, 2013, 01:11:19 AM »
You just need to add "apple.com" to your DNS whitelist...

Offline jpmenil

  • Rookie
  • **
  • Posts: 14
Re: Captive portal and IOS
« Reply #3 on: September 03, 2013, 02:58:20 AM »
Hi,

i've switch https to http, and the same problem result.

apple.com was already in the dns whitelist.

As i say, on the iphone, the http request is redirect to the captive portal, but it timeout on it.
I can not reproduce this problem on android or any pc devices with winodws or linux.

Regards.

Offline Fido

  • Rookie
  • **
  • Posts: 20
Re: Captive portal and IOS
« Reply #4 on: September 03, 2013, 04:16:57 AM »
What version of WiNG are you running?

Offline jpmenil

  • Rookie
  • **
  • Posts: 14
Re: Captive portal and IOS
« Reply #5 on: September 03, 2013, 06:47:47 AM »
Hi,

thanks for the reply.

I'm running version 5.4.1.0-020R.

I will look in release notes, if something correspond.

Regards.

Offline jpmenil

  • Rookie
  • **
  • Posts: 14
Re: Captive portal and IOS
« Reply #6 on: September 27, 2013, 04:04:33 AM »
Hi,

i finally solve my problem.
After remote-debug, it occur that in centralize-controller mode, the client is redirected to a local dns name.
It work under android, linux and awindows.
Hower under ios, the iphone do an mdns request (224.0.0.251 on port 5353), instead of request to the local dns.

So, i move from centraliazed-controler to centralized, with binding to the ip.

Now the redirection is fully working under ios.

Offline McNulty

  • Sr. Member
  • ****
  • Posts: 217
Re: Captive portal and IOS
« Reply #7 on: September 27, 2013, 07:38:26 AM »
Wow, that was a tricky one! Thanks for posting the solution. Well done!