Wireless Access

 View Only

  • 1.  Captive Portal ARUBA IAP 303

    Posted Mar 26, 2019 05:56 PM

    hello,

     

    i just set up an access point with a guest SSID.

     

    i enabled the internal captive portal with internal (local) authentication.

     

    i created some users inside the AP.

     

    i defined a statique VLAN attached to that SSID (50)

     

    there is no restriction.

     

    DHCP is handled by a router (firewall).

     

    unfortunatly i runed in to some issues.

     

    so on an IPAD when i select the ssid the page of the captive portal is showing up, i enter login and password, but then i can't browse anything due to "page not secure".

     

    on windows i can't even have the captive portal page, can't browse anything, every website are "not secure"

     

    End device is getting an IP from DHCp, DNS is resolving

     

    AP is in 8.4 firmware ver.

     

    IP adress of the AP (management) is not in vlan 50

     

    Do anyone has any idea of what should i do to fix the problem ?

     

    Thanks



  • 2.  RE: Captive Portal ARUBA IAP 303

    Posted Mar 26, 2019 06:45 PM

    The default IAP certificate is a self signed certificate and just like any self signed CA, it is not trusted by any OS (excluding domain joined devices that will only trust their CA).

     

    Use a public CA signed certificate and the warning message should go away.

     

    For more information regarding uploading the cert, please use following link:

    https://www.arubanetworks.com/techdocs/Instant_41_Mobile/Advanced/Content/UG_files/Authentication/Certificates.htm



  • 3.  RE: Captive Portal ARUBA IAP 303

    Posted Mar 27, 2019 04:04 AM

    thank you for your answer,

     

    Usually when we try to reach a web site with a self signed certificate.

    there is the security alert but you can bypass it to access the web site,

     

    In my case, i don't have that option it's just showing "not secure" and there is no button that could allow me to access the website despite the error.

     

    (i'll provide screenshots)

     

    do you confirm that i should upload a public cert on the IAP ? because i don't have any ATM.

     

    And what about windows host. captive portal is not showing for them is the issue linked to the fact taht the cert is self signed ? thanks.



  • 4.  RE: Captive Portal ARUBA IAP 303

    Posted Mar 27, 2019 04:48 AM

    Each browser has its own way of interpreting an insecure certificate, some will throw a warning up and allow you to bypass, some will display a warning only and some won't even load the page. 

     

    The certificate which ships with the IAP is self-signed so will throw up warnings for most browsers. The below information also gives a bit more insight into Certificates and IAPs

     

    https://community.arubanetworks.com/t5/Controller-less-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Instant/ta-p/275814

     

    In short yes, you should upload your own publically signed certificate.



  • 5.  RE: Captive Portal ARUBA IAP 303

    Posted Mar 27, 2019 05:31 AM

    thank you for your answer,

     

    Here is some updates,

     

    Surprinsigly it's now working on windows, i have no idea why.

     

    when i lauch chrome i get the captive portal page, which was not the case before, i can click on the security exeption buton and see the captive portal form, then i enter credential, and i get internet access.

     

    on the ipad, i still get a security error, and i can't browse even after entering the creds.

     

    so has you say i think a public cert would be mandatory for some OS/browser.



Related Content