cancel
Showing results for 
Search instead for 
Did you mean: 

Captive portal redirection does not work

Captive portal redirection does not work

Georg
New Contributor

I have the problem that unauthenticated clients are not automatically redirected to the internal captive portal page of the XCA, but they can access the page when they type in the IP address of the XCA.

I already tried this with many different clients.

What can be the cause of this problem?

In the Identify world there were several options to trigger the automatic redirection, but on the XCA i have no clue what is required to let this work.

The Setup is:

VE6120 Small

Version 04.76.04.0005

AP310i Access-Points

1 ACCEPTED SOLUTION

SantM
New Contributor III

@Georg I did upgrade to the version 04.76.04.0005, created new network and new CP. It worked fine for me. Captured packets in AP and checked how it works in general. Seems that AP does some checks with DNS and does temporary redirection before it contacts XCA.

Client ip: 192.168.201.27

DNS : 192.168.100.115

XCA : 192.168.100.131

 

16c8be149e594f669ac7fe80eb850b68_ab2bda53-5b59-4771-b149-a9cd5f3f43c6.png

 

View solution in original post

26 REPLIES 26

Georg
New Contributor

Thank you so much Santosh for spending time on this.

So besides you are using a different vlan as default vlan, its the same config.

What software version and what kind of controller do you use?

SantM
New Contributor III

Hi Georg,

I did a quick test in my lab. See the config below.

405a0342df4a4a118d32ff4f797b0404_2dbcd1ae-268d-478d-858b-c4b37138fed2.png
405a0342df4a4a118d32ff4f797b0404_92e18fc2-160e-421c-98d8-e8a4b73ba065.png

 

It worked for me.

Make sure that you want to use vlan 1 as default vlan in your case.

 

BR,

Santosh

Georg
New Contributor

Some sidenotes:

 - The clients dont change their topology after successful authentication, so they are in the network, where they would have internet access if they werent be restricted by the unauth role.

 - The clients get a DHCP-address of the XCA, which is on the same subnet as the clients.

 - The DNS-server is set to 8.8.8.8

 - The XCA has internet connection and is able to reach public NTP servers

 - There are already pre-registered accounts at the xca, and if i manually go to the portal page, i am able to successfully login with one of these pre-registered accounts

 - I have already tried to use HTTP instead of HTTPS to check if its a certificate problem, without success

Georg
New Contributor

Hi Santosh,

Unfortunately the problem is not resolved and im troubleshooting this for days now 😞

Thank you very much!

SantM
New Contributor III

Ok. I got the snapshot I wanted. Let me try.

GTM-P2G8KFN