Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2522
Views
5
Helpful
2
Replies

Any way to force web auth to open on apple devices?

Go to solution
Dustin Anderson
VIP
VIP

‎01-10-2020 11:06 AM

The WLCs have Captive Network Assistant Bypass if I have it do the guest login, but testing BYOD with ISE and apple devices don't pull up the registration portal by default. 

 

Is there any setting i'm missing to try to force this?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Colby LeMaire
VIP Alumni
VIP Alumni

‎01-10-2020 02:17 PM

With Captive Network Assistant Bypass enabled, the device will never be able to detect that there is a portal.  If you disable Captive Bypass, then the browser should open automatically.  The problem is that the full browser doesn't open by default which is why you would want to enable Captive Bypass to force users to open a full-featured browser.  The BYOD flow in ISE does not support the CNA browser that Apple opens by default when detecting a portal.  It may be just fine for basic Guest Login/Webauth.

View solution in original post

2 Replies 2

Go to solution
Colby LeMaire
VIP Alumni
VIP Alumni

‎01-10-2020 02:17 PM

With Captive Network Assistant Bypass enabled, the device will never be able to detect that there is a portal.  If you disable Captive Bypass, then the browser should open automatically.  The problem is that the full browser doesn't open by default which is why you would want to enable Captive Bypass to force users to open a full-featured browser.  The BYOD flow in ISE does not support the CNA browser that Apple opens by default when detecting a portal.  It may be just fine for basic Guest Login/Webauth.

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎01-10-2020 04:31 PM

@Dustin Anderson wrote:

The WLCs have Captive Network Assistant Bypass if I have it do the guest login, but testing BYOD with ISE and apple devices don't pull up the registration portal by default. 

 

Is there any setting i'm missing to try to force this?

Both the guest and BYOD guides talk about best approach, you don't use captive portal bypass for guest (allow use of mini-browser) but for BYOD you should enable captive portal bypass. Its best to separate the flows if you require a nice experience for both. You should really try to understand and choose the way you want to set it up

https://community.cisco.com/t5/security-documents/ise-guest-access-prescriptive-deployment-guide/ta-p/3640475

https://community.cisco.com/t5/security-documents/cisco-ise-byod-prescriptive-deployment-guide/ta-p/3641867

 

0 Helpful
Customers Also Viewed These Support Documents