11-22-2017 03:15 AM - edited 07-05-2021 07:54 AM
WLC 2504, AireOS 8.0.152.0
ISE 2.1 with CWA redirect
Client Android Samsung S4 and iOS iPhone 6s
Problem is, that WLC trying to intercept https redirected session with SSL certificate issued to its virtual interface 192.0.2.1.
And nowadays end points do not accept it and deal it as man-in-the-middle-attack.
So when I do ISE BYOD onboarding on android, i have problem to get redirection from https sites, and also have problem to access play.google.com for Cisco Network Setup Assistant download.
NET::ERR_CERT_AUTHORITY_INVALID
How should I command wlc to do not intercept https traffic with its own certification?
thank you for any advice.