cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3532
Views
0
Helpful
13
Replies

is the WLC command 'config network web-auth captive-bypass enable' specific to only apple devices?

gregsawyer
Level 1
Level 1

if it is, is there a command to enable captive-bypass for Android operating system devices (smartphones, tablets, etc)?

13 Replies 13

Scott Fella
Hall of Fame
Hall of Fame

yes... the reason is because the iDevices try to reach a site to know if it has connectivity or not... if the device can't reach that site, it opens the portal page.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

i understand, but we have a need for Android devices too.  they want to access google or the google playstore.  is there a command to enable captive-bypass for Android operating system devices (smartphones, tablets, etc)?

No... There is no need. It's an option for apple devices to not present the splash page automatically. It forces the user to open up a browser.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

You could use a pre-auth ACL to allow some traffic through without authentication to get around this?

Thanks

Chris

what are you trying to accomplish?

as Scott said, that command stops the iDevice from automagically popping the spalsh page.  If you don't want the user to have to authenticate, or accept AUP, turn off web-auth on the WLAN.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

no, we do want them to authenticate.  we don't have a problem with the iDevices.  we are all good there.  they are working the way they should with the captive-bypass enabled.

i'm asking about Android devices.  it appears Android attempts to do the same thing.

is the captive-bypass command specific for iDevices, or does it cover all devices that attempt to do the same thing the iDevices do?

so far as I'm aware it's supposed to suppress any whisper client that is trying to reach out to the interwebs.  Not just the url that iDevices use.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

This will explian what the command was designed for... again... has nothing to do with Android. 

To detect this behavior, the Apple device sends a request to http://www.apple.com/library/test/success.html to see if it gets a response To detect this behavior, the Apple device sends a request to http://www.apple.com/library/test/success.html to see if it gets a response

http://tswireless.wordpress.com/2012/07/17/ise-webauth-with-ios-devices/

If you think your Android device is trying to reach something to verify connection, then figure out what its trying to reach (use a sniffer) and then like Chris mentioned, use a pre-auth acl and see if that helps.  Other than that, don't worry about that command as its specific to Apple.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

ok.  my understanding is that the Android devices try to reach something at google but that list of URLs is long and ever changing.  that's the problem with using the pre-auth ACL.

Well there is nothing that is going to support that.  I have a couple Android device that connects fine to any WebAuth, I just have to manually open a browser and login.  The command you specified is strictly for Apple.

http://www.apple.com/library/test/success.html

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

The command stops a whisper client from popping up and forcing you to open a browser.

But it doesn't stop any app that is trying to access the internet.  So it's not 'specific' to apple but to my knowledge, iDevices are currently the only devices doing this.

If someone decided to rewrite a rom for android and add this functionality in, it would block them as well.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

thank you all.  this is some very good information.

i posed the question to rule it out as to why we are having issues with android devices connecting.  we installed and are testing an Aruba ClearPass and the Android devices are giving us a problem.  i believe the issue is with the Aruba ClearPass box but at least this re-affirms my suspesion as to it being the Aruba ClearPass

apparently there was a bug in the Aruba ClearPass QuickConnect app.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: