Hello Eric,

This is my ticket number : 624563083. M. Mehdi Boukraa is following my case (french language).

He made some tries, with differents devices (android and ios' devices), but I'm a little bit stuck here

help would be very grateful!

Thanks in advance.

Jonathan

I'd love to have one to test.  I'm not in a position to take my client's out of production.

My memory is that, when connected to a residential-class NATting router, primary network on VAP0, guest network on VAP1, Open network with captive portal enabled with guest auth, unsecured portal page, no https admin WebUI enabled...the CP worked (though I never tested it with iOS6).

Once it was connected to a real firewall with disabled inter-subnet routing and specific "pin hole" rules to allow http and https (even unfiltered, unproxied) from guest WLAN to WebUI/CP network, things changed.  At that time, I also did some VLAN juggling.

The CP continued to work (mostly) from Android and Windows devices, but there were changes.  Android devices stopped offering the notification to log into a guest network (browser auto-redirect to CP still worked, but the OS's notification stopped).  Windows boxes worked as usual.

Once deployed, it also became apparent that the well-documented iOS6 problem became apparent.  Of course, probably 90% of the guests are?...iOS6.

I have tried disabling the secure WebUI, placing the WAP321's IP address in the same IP network as the guests, disabling post-authentication redirection (from the CP)...all independently and together.  No joy.

Current firmware.

Eric,

Anything new on this?  The CP was one of the primary reasons my client purchased the WAP321, and it's a cause for embarrasment that it's not working.

Is there anything to report?

Thanks,

Andy

Hello all,

too much work these days, so personnaly I put it in stand by... I report asap.

Regards,

Jon

I was just in a meeting yesterday, and for this issue with CP. We have been asked to make sure all issues regarding this have been given cases numbers and are documented.

The way Cisco approaches issues is that the issues with the most cases opened, get the most attention. If you had a case and it is currently closed, please call in to have it reopened. If you do not have one, please call in to have one created. Once they are opened they will be funneled to me and I can help get them where they need to be.

Eric Moyers

I'm at a loss as to why I didn't get an email corresponding to your post, Eric.  I got the one from Jonathan's post just above it.

At any rate, we've started a ticket #624840121 for this rather long-standing problem (that makes this feature unusable as >50% of casual wireless clients are iOS).

Thanks for following up, Eric!

Hello Mr.Kinnard, I was actually approached on your case just over an hour ago. We have escalated your case to the Level 2 group handling this issue and you should be contacted by them shortly.

Thanks

Eric Moyers

I think it would behoove Cisco's brand image to stop considering this issue in terms of individual cases and start considering this as a show-stopping bug in a major feature of its premier Small Business line WAP.  It is totally pathetic that you have to come here requesting people start tickets on a long-standing problem that management can conclude is significant based on nothing more than the nature of the problem...it HAS to be affecting everyone that used the captive portal (unless they live in an island on which there is no Apple).

Totally agree with you Andy...

We bought these AP for its CP capabilities. I was expected from CISCO (or linksys?!) a little bit more. I did more tests, and it always works if I type on safari/firefox "http(s)://bla.bla.bla/cp.cgi?action=captive". of course, this is not a solution, but it demonstrates that it's not a firewall/router/vlan/switch problem...

I made some dummy searchs, and I found something related to MTU/jumbo frame, and that we had to lower it (below 1500 according to macrumors forum). but, hey!? can't find the option...

So I'm still frustrated. What can I do? Open security, no CP? of course not.

CISCO, we don't need help, we need solution and we need this working!

Yeah, there plain ISN'T an MTU option anywhere in the Web UI.

I have found no set of options that makes the CP work with iOS despite having tried many that shouldn't even impact it (like disabling HTTPS for the WebUI).  I do suspect that there is more going on than quickly meets the eye (AEB the change in behavior once I attached the unit to a real firewall such that guest networks were separated from other networks), and I'm sure we could at least figure out where the process fails if we were to generate enough packet captures and pour over those until our eyes bleed.

...BUT, that's simply not our job, nor would we be able to charge ANYONE for the many hours of skilled labor that would require...which would compound the already existing pain of recommending to our clients a product that simply doesn't work as advertised and which the manufacturer seems content to ignore (despite it characteristics that would impact every single customer who bought it to use the CP).  That type of bug tracking and squashing is supposed to be performed by the developers, and it should not take Cisco many months just to sufficiently prioritize the problem.

Anyone experiencing this issue, please call Cisco at the number in Eric's sig and get yourself a ticket #.  Post it back here so we can turn up the heat on this issue: it appears to be the ONLY metric to which management will attend.