https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372276#M288805 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/292634">@perrymcgrew</a>&nbsp;</P> <P>&nbsp;What is the authentication method you are using? It is Guest network? Usually, apple and android devices when connected to a network, they try to reach some URL in order to check internet connectivity and this is used by the WLC to perform the redirect.&nbsp;</P> <P>If you are using portal, it seems the redirect is not working.&nbsp;</P> Tue, 24 Feb 2026 15:39:12 GMT Flavio Miranda 2026-02-24T15:39:12Z https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372213#M288799 <P>All of a sudden, Apple devices are displaying the captive.apple.com "Success" page when attempting to join ANY wi-fi network.&nbsp; It is not a DNS resolution issue.&nbsp; &nbsp;Our internal DNS forwards to Cloudflare.&nbsp; &nbsp;We tried changing them to Google's 8.8.8.8 and it did not help.</P><P>There is no internal Firewall between the clients and the 9800L (17.12.05)</P><P>If I click on the "X" on the upper right corner of the Captive page and choose to continue with No Internet, the device will continue to connect to the SSID and have Internet access.&nbsp;</P><P>TAC claims it is a DNS resolution issue -- takes too long and that makes the Apple device "believe" there is a Captive Portal.&nbsp; &nbsp;Androids, which have there own captive portal probe and Windows devices are NOT seeing any issues.&nbsp;</P><P>I did a Curl -v <A href="http://captive" target="_blank">http://captive.apple.com&nbsp;</A>on our Firewall to test and got 200 return code - which is good.&nbsp; &nbsp;Trying to figure out next steps.&nbsp; &nbsp;</P><P>TIA</P> Tue, 24 Feb 2026 12:15:37 GMT https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372213#M288799 perrymcgrew 2026-02-24T12:15:37Z https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372276#M288805 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/292634">@perrymcgrew</a>&nbsp;</P> <P>&nbsp;What is the authentication method you are using? It is Guest network? Usually, apple and android devices when connected to a network, they try to reach some URL in order to check internet connectivity and this is used by the WLC to perform the redirect.&nbsp;</P> <P>If you are using portal, it seems the redirect is not working.&nbsp;</P> Tue, 24 Feb 2026 15:39:12 GMT https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372276#M288805 Flavio Miranda 2026-02-24T15:39:12Z https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372365#M288816 <P>The SSIDs are using PSK.&nbsp; No captive portal is used.&nbsp; &nbsp;I discovered the root cause later this morning.&nbsp; I needed to run the curl *inside* my network to get complete picture.&nbsp; &nbsp;I ran it from my W11 laptop -- got the same 200 return code, but noticed that the site passes through our Anti-Phishing protection offered by the firewall.&nbsp; I created an exception rule for the url captive.apple.com that bypassed the Phishing protection.&nbsp; It worked - no captive portal - and the MDM controlled Apple devices could join immediately.&nbsp; The Phishing process must introduce just enough latency to make the Apple devices think they are behind a captive portal.&nbsp; We just applied vendor patch to our Firewall last week.&nbsp; Just to verify, i ran the curl against the published Android portal probe URL and the Phishing process lets it through.&nbsp; Placed a ticket in with our Firewall vendor for a formal fix / explanation.&nbsp; &nbsp; &nbsp; &nbsp;</P> Tue, 24 Feb 2026 19:01:51 GMT https://community.cisco.com/t5/wireless/captive-apple-com-portal-appearing/m-p/5372365#M288816 perrymcgrew 2026-02-24T19:01:51Z