is the WLC command 'config network web-auth captive-bypass enable' specific to only apple devices?

Unanswered Question
Jan 4th, 2013
User Badges:

if it is, is there a command to enable captive-bypass for Android operating system devices (smartphones, tablets, etc)?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Fri, 01/04/2013 - 07:57
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

yes... the reason is because the iDevices try to reach a site to know if it has connectivity or not... if the device can't reach that site, it opens the portal page.



Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

gregsawyer Fri, 01/04/2013 - 08:08
User Badges:

i understand, but we have a need for Android devices too.  they want to access google or the google playstore.  is there a command to enable captive-bypass for Android operating system devices (smartphones, tablets, etc)?

Scott Fella Fri, 01/04/2013 - 08:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

No... There is no need. It's an option for apple devices to not present the splash page automatically. It forces the user to open up a browser.

Sent from Cisco Technical Support iPhone App

Chris Illsley Fri, 01/04/2013 - 08:15
User Badges:
  • Bronze, 100 points or more

You could use a pre-auth ACL to allow some traffic through without authentication to get around this?


Thanks

Chris

Stephen Rodriguez Fri, 01/04/2013 - 08:29
User Badges:
  • Purple, 4500 points or more

what are you trying to accomplish?


as Scott said, that command stops the iDevice from automagically popping the spalsh page.  If you don't want the user to have to authenticate, or accept AUP, turn off web-auth on the WLAN.




HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

gregsawyer Fri, 01/04/2013 - 08:36
User Badges:

no, we do want them to authenticate.  we don't have a problem with the iDevices.  we are all good there.  they are working the way they should with the captive-bypass enabled.


i'm asking about Android devices.  it appears Android attempts to do the same thing.


is the captive-bypass command specific for iDevices, or does it cover all devices that attempt to do the same thing the iDevices do?

Stephen Rodriguez Fri, 01/04/2013 - 08:47
User Badges:
  • Purple, 4500 points or more

so far as I'm aware it's supposed to suppress any whisper client that is trying to reach out to the interwebs.  Not just the url that iDevices use.



HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Scott Fella Fri, 01/04/2013 - 08:55
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

This will explian what the command was designed for... again... has nothing to do with Android. 


To detect this behavior, the Apple device sends a request to http://www.apple.com/library/test/success.html to see if it gets a response To detect this behavior, the Apple device sends a request to http://www.apple.com/library/test/success.html to see if it gets a response


http://tswireless.wordpress.com/2012/07/17/ise-webauth-with-ios-devices/


If you think your Android device is trying to reach something to verify connection, then figure out what its trying to reach (use a sniffer) and then like Chris mentioned, use a pre-auth acl and see if that helps.  Other than that, don't worry about that command as its specific to Apple.



Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

gregsawyer Fri, 01/04/2013 - 08:59
User Badges:

ok.  my understanding is that the Android devices try to reach something at google but that list of URLs is long and ever changing.  that's the problem with using the pre-auth ACL.

Scott Fella Fri, 01/04/2013 - 09:02
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Well there is nothing that is going to support that.  I have a couple Android device that connects fine to any WebAuth, I just have to manually open a browser and login.  The command you specified is strictly for Apple.


http://www.apple.com/library/test/success.html


Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

Stephen Rodriguez Fri, 01/04/2013 - 09:07
User Badges:
  • Purple, 4500 points or more

The command stops a whisper client from popping up and forcing you to open a browser.


But it doesn't stop any app that is trying to access the internet.  So it's not 'specific' to apple but to my knowledge, iDevices are currently the only devices doing this.


If someone decided to rewrite a rom for android and add this functionality in, it would block them as well.



HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

gregsawyer Fri, 01/04/2013 - 10:11
User Badges:

thank you all.  this is some very good information.


i posed the question to rule it out as to why we are having issues with android devices connecting.  we installed and are testing an Aruba ClearPass and the Android devices are giving us a problem.  i believe the issue is with the Aruba ClearPass box but at least this re-affirms my suspesion as to it being the Aruba ClearPass

gregsawyer Fri, 01/04/2013 - 10:30
User Badges:

apparently there was a bug in the Aruba ClearPass QuickConnect app.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode