This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I have configured ISE 2.4 to create wifi hotspots and self registration access. We user a WLC 2504 controller software version 8.5.
Everything works fine with windows devices and android devices which get correctly redirected to ISE portal pages. However, with the iphone we get errors. The phone connects to the ssid but then gives an error as below:
Error Opening Page - "Hotspot login cannot open the page because the server cannot be found". I believe this is trying to go to captive.apple.com. My redirect ACL on the WLC allows access to DNS and also to the ISE server. Do I need to add access to captive.apple.com in the ACL?
Another point is that the ise server has a certificate signed by a CA that is not a publicly trusted CA. I have added the root CA to my trusted certs on the iphone but still the same issue. I have also enabled web-auth captive-bypass and rebooted the WLC but still the same issues.
Any help would be great.
Thanks in advance
Solved! Go to Solution.
Many thanks Jason,
I have enabled captive bypass on the WLC. I am able to get a step further, so obviously I do not get automatically redirected to ise, however when I open a browser I do get redirected to ISE but that is as far as I can get as it tells me there is an issue with he certificate. I do not get the option to trust or add the certificate for ISE so I get stuck here.
The domain name is xxxxxxx.local. I have read somewhere that iphones do not like a .local domain.
Any other help would be great.
Thats great, thanks Jason. I will give this a try and let you know how I got on.