cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1547
Views
5
Helpful
19
Replies

Skipping Web Passthrough for a single client

ALIAOF_
Level 6
Level 6

Is it possible to set one client up so that it can go online and does not have to open up a web page and click on the "Accept" button?

Trying to get this working for Apple TV which does not have a browser.  So since until a client clicks on the "Accept" button no traffic is passed clients can't see the Apple TV and connect to it.  However I don't want to disable the web passthrough option for every one.

19 Replies 19

Scott Fella
Hall of Fame
Hall of Fame

Why not create a new SSID for the Apple TV and use AP Groups to specify what APs will broadcast that SSID. Well you will not broadcast it to the clients but the AP will have it:). Then map that SSID for Apple TV to the same subnet as the iPad users, etc. You can't exclude devices from webauth.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Unfortunately that is not possible due to our setup.  I do have a different SSID for the Apple TV and both SSID's are mapped to the same network.  However the issue is that the first SSID have "p2p blocking enabled" and second one doesn't.  So all the clients are connecting to that too.

What I tried was the following:

Setup MAC Filtering, then setup "MAC Failure Action" to go to the web pass through redirect page and added Apple TV's MAC to the allowed MAC list however.  That sort of works but the clients after they hit accept it just keeps bringing that page up and does not finish the authentication.

I don't know why SSID is doing what. What I'm saying is that you create a new SSID just for the Apple TV (I think it supports WPA2-AES psk) and then that would map to the same vlan as the iPad users. So the Apple TV and iPads would be on a seperate WLAN SSID.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Already done that but then the iPad users if they do not connec to the same SSID they won't be able to see the Apple TV because that particular SSID have "P2P Block Action" set to "Drop".

Do you require that... If P2P is enabled and even if the Apple TV and iPads are on the same subnet, you are preventing the devices from communicating.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

It is not enabled on the second SSID where Apple TV and the iPad users are connected

SSID1 -------------> 192.168.1.0/24 --------------> Regular guest users (p2p actions drop)

                                   |

SSID2 -------------> 192.168.1.0/24 --------------> Apple TV and users who are connecting to Apple TV only (p2p blocking disabled)

This is what I'm trying to describe:

SSID1 -------------> 192.168.1.0/24 --------------> Regular guest users (p2p actions drop)

|

SSID2 -------------> 192.168.1.0/24 --------------> Apple TV users who are connecting to Apple TV only (p2p blocking disabled)  WebAuth

|

SSID3 -------------> 192.168.1.0/24 --------------> Apple TV only (p2p blocking disabled) WPA2-AES psk

-Scott
*** Please rate helpful posts ***

Just tried that scenario too but iPad won't see the Apple TV still.

I'm just surprised that there is no option to exclude a client if we want and if there isn't how come that other scenario with the MAC filtering isn't working.  May be I should create a case with Cisco.

Okay... do you have the following configured:

Multicast mode set to multicast

Global multicast enabled

IGMP Snooping enabled

Broadcast forwarding enabled

-Scott
*** Please rate helpful posts ***

You also might have to do this on the switch.... depends if you still can't get the ipads to see the Apple TV:

https://supportforums.cisco.com/message/3519224#3519224

-Scott
*** Please rate helpful posts ***

No I'm going to configure that and test it next week and post back the results thank you for your help and if that does not work I'll try wiring it too and see if that helps.

No problem... I assumed that you had the multicast stuff already enabled.  Give it a try... there are other post regarding the Apple TV that you might want to look at, but it works with some configuration changes.

-Scott
*** Please rate helpful posts ***

Good morning Scott, just a quick question.  I have enabled all those.  But I do get a message that the multicast IP is reserved by IANA it might not work properly.  I have the IP set as 224.0.0.1.  Should I just ignore that message?

that address shouldn't be configured anywhere.  It is the address that a device will send packets too.  When you configure multicast in your network, you should use a 239.x.x.x address, as this is reserved for locally scoped multicast groups.  Think of it like an RFC 1918 address for the clients.

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: