Cisco Support Community

Important Captive portal bypass changes needed for iOS 7

Due to changes in how Apple devices check for internet connectivity in iOS7 compared to older iOS 6 releases, the Cisco WLC captive portal bypass feature will need to be updated.  This is due to the changes that Apple uses in its URL's checks for internet access.  These changes are reflected in the following bug ID's

CSCuj18674 - captive portal/wispr support for apple ios7 (WLC bug ID)

WLC does not respond to the ios7 wispr requests because ios7 behaves differently from ios6 in sending the wispr requests. This will be fixed in the next release of 7.4 controller code due out in September and also will be fixed in 7.6 controller code due out by the end of the year.  If you need a fix sooner, you will need to contact TAC to obtain a special release that contains this fix  If you do not wish to upgrade code, you may try the work around as noted below.

CSCui89500 - CWA and BYOD flow on iOS 7 broken with auto-login enabled  (ISE bug ID)

When attempting to access the Guest Portal or BYOD an Apple iOS 7 device while the WLC "Captive Portal Bypass" feature is enabled, the web sheet on the device still appears, preventing the user from continuing the flow.  This is not an ISE bug per se, but a controller issue due to iOS 7 changes.


Workaround: Create an pre-auth ACL on the WLC that allows for the IP address that resolve from "" and "" FQDNs.


IMPORTANT NOTE: These IP addresses are associated with the FQDNs of "" and "" and are subject to change by the entities hosting those domains. If the IP addresses do change, the ACL would need to reflect that.

Cisco Employee

Also see the document linked below for more information...

"How does iOS 7 effect your Cisco Wireless Captive Portal?"

Link changed. Edited for new link

Link appears to be down

Cisco Employee

Updated link:

How does iOS 7 effect your Cisco Wireless Captive Portal?

Community Member

So, the workaround feature in 7.4 MR 2 basically fakes out the iOS 7 pseudo browser, forcing the user to use Sarfari to hit the splash page?

Cisco Employee

How can I get access to the document/link listed above? When I click on it I get an error stating that I don't have the proper permissions to view it.