We have now reloaded the WLC with CNA Bypass = enabled. 

Now the iPhones|Apple get no Bad Request 400, 
but the redirect to the sign on page do not work anymore. 

The iPhone clients connect to the open SSID and connection is established, 

If the user try to open a bookmarked site nothing happens. Only when the user will open 

a new site the redirect works. 

Is there any settings that prevent this behaviour? 

Kind Regards, 

Jacob 

Likely not, you would need to ask that team for support

Sent from my iPhone

Could you try this script for ISEPB portal:

<script>

setTimeout(function() {

var hostname = window.location.hostname;

var WebSessionId = window.location.href.substr(window.location.href.search("\\?")).split("=")[2];

jQuery('.t-root .t-block_content').append(' <center><a href="https://'+hostname+':8443/portal/PortalSetup.action?portal=3c379d60-fceb-11e5-b628-005056a49fb9&sessionId='+WebSessionId+'&action=cwa" style="color: rgb(0,255,0)"><font color="212121">Go to Guest Portal</font></a></center>');

}, 2000);

</script>

Tried it on portal page customization on ISE but no link is shown in the preview.

The little preview? Try the portal test url

Sent from my iPhone

Unfortunately, nothing is showing up with the script provided from Serhii Pustovit. I already tried it with the portal test url.

Could you please try this one? I've increased timeout.

<script>

setTimeout(function() {

var hostname = window.location.hostname;

var WebSessionId = window.location.href.substr(window.location.href.search("\\?")).split("=")[2];

jQuery('.t-root .t-block_content').append(' <center><a href="https://'+hostname+':8443/portal/PortalSetup.action?portal=3c379d60-fceb-11e5-b628-005056a49fb9&sessionId='+WebSessionId+'&action=cwa" style="color: rgb(0,255,0)"><font color="212121">Go to Guest Portal</font></a></center>');

}, 5000);

</script>

Here is default ISEPB portal with that link.

I copied the script but no success. That's where I entered your script:

The Link is not shown on the login page:

The link is now shown on the login page with the following script:

<script>

setTimeout(function() {

var hostname = window.location.hostname;

var WebSessionId = window.location.href.substr(window.location.href.search("\\?")).split("=")[2];

jQuery('.cisco-ise-body').append(' <center><a href="https://'+hostname+':8443/portal/PortalSetup.action?portal=463330a2-05cb-11e8-ab68-005056875f3d&sessionId='+WebSessionId+'&action=cwa" style="color: rgb(0,255,0)"><font color="212121">Go to Employee Login Page</font></a></center>');

}, 1000);

</script>

But still, when using the link in the CWA (captive network assistant) on a apple device, nothing is happening. Verified it on two apple iphone's. This is working fine on windows and android devices.

I would suggest a webex instead of back and forth here

Please email isepb@external.cisco.com<mailto:isepb@external.cisco.com> and will try to work through this

I am also struggling with the Apple mini browser of the captive network assistant. As suggested before activating Captive-Bypass and using Safari is working just fine but I'd rather get it working with Apple CNA.

Were you guys able to get the link working for Apple CNA?

Sorry for delay we are looking at validating in next few days