https://community.cisco.com/t5/wireless/wlc-5508-8540-turn-off-guest-wifi-acceptance-page-and-necessary/m-p/4153255#M4320 <P>Hey all, wanted to make sure I am on the right track for disabling both the SSL 3rd party cert and disabling the acceptance page for our guest network.&nbsp; The reasoning behind disabling the 3rd party cert is because after upgrading our Entrust cert back in June no MDM managed Apple devices (iphone / ipad) are able to connect to our guest network.&nbsp; This "appears" to be an Apple issue directly related to the fact that as of iOS 13 if an MDM is present it blocks the ability to install certificates when people attempt to join the network.&nbsp; So at this point we feel it may be the best case to just disable the use of the SSL cert for this specific wireless network.&nbsp;</P><P>I assume I would go about it by going to Management - HTTP-HTTPS - disabling "WebAuth SecureWeb".&nbsp; Also do I disable the HTTPS access option and enable the HTTP access option?</P><P>In order to get rid of the splash screen / agreement page / etc I assume I would just go into the specific WLAN and navigate to Security - Layer 3 - and select none for Layer 3 security?&nbsp; The reason I have a 5508 and 8540 listed is because one is our DMZ controller that handles our guest network and then anchors to our core controller of the 8540.&nbsp; Would I need to complete the above on both controllers?</P><P>&nbsp;</P><P>Thanks for any assistance you can provide!</P> Mon, 05 Jul 2021 19:31:34 GMT Tech_Newb 2021-07-05T19:31:34Z https://community.cisco.com/t5/wireless/wlc-5508-8540-turn-off-guest-wifi-acceptance-page-and-necessary/m-p/4153255#M4320 <P>Hey all, wanted to make sure I am on the right track for disabling both the SSL 3rd party cert and disabling the acceptance page for our guest network.&nbsp; The reasoning behind disabling the 3rd party cert is because after upgrading our Entrust cert back in June no MDM managed Apple devices (iphone / ipad) are able to connect to our guest network.&nbsp; This "appears" to be an Apple issue directly related to the fact that as of iOS 13 if an MDM is present it blocks the ability to install certificates when people attempt to join the network.&nbsp; So at this point we feel it may be the best case to just disable the use of the SSL cert for this specific wireless network.&nbsp;</P><P>I assume I would go about it by going to Management - HTTP-HTTPS - disabling "WebAuth SecureWeb".&nbsp; Also do I disable the HTTPS access option and enable the HTTP access option?</P><P>In order to get rid of the splash screen / agreement page / etc I assume I would just go into the specific WLAN and navigate to Security - Layer 3 - and select none for Layer 3 security?&nbsp; The reason I have a 5508 and 8540 listed is because one is our DMZ controller that handles our guest network and then anchors to our core controller of the 8540.&nbsp; Would I need to complete the above on both controllers?</P><P>&nbsp;</P><P>Thanks for any assistance you can provide!</P> Mon, 05 Jul 2021 19:31:34 GMT https://community.cisco.com/t5/wireless/wlc-5508-8540-turn-off-guest-wifi-acceptance-page-and-necessary/m-p/4153255#M4320 Tech_Newb 2021-07-05T19:31:34Z https://community.cisco.com/t5/wireless/wlc-5508-8540-turn-off-guest-wifi-acceptance-page-and-necessary/m-p/4158002#M4321 <P>turning off the cert would surely be the wrong way to solve the problem.<BR />this question for accepting your "upgraded" cert appearing,<BR />may indicate this new cert also uses a new root CA or intermediate CA, that is not known to these clients.<BR />-&gt; they need to update their root-CA list using the MDM of their company</P> <P>it may also indicate an error is made when the new cert is installed,</P> <P>e.g. it may only the cert, without the certificate chain is installed</P> Mon, 28 Sep 2020 09:15:04 GMT https://community.cisco.com/t5/wireless/wlc-5508-8540-turn-off-guest-wifi-acceptance-page-and-necessary/m-p/4158002#M4321 pieterh 2020-09-28T09:15:04Z