The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how to add a feature to a Cisco Wireless LAN Controller (WLC) that bypasses the Apple Captive Network Assistant (CNA) on iDevices and OS X machines. This feature solves the problem of a redirect page that does not appear.
Cisco recommends that you have knowledge of these topics:
The information in this document is based on these software and hardware versions:
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Refer to Cisco Technical Tips Conventions for information on document conventions.
When an Apple iDevice (such as an iPad, iPod, or iPhone) or an Apple OS X machine (on version 7.1 or higher) connects to a wireless network, it sends a request to a success page on the Apple website.
The user does not see the configured captive portal page when connected through the Cisco WLC. Instead, the user sees this blank page from the Apple website:
The captive portal can be hosted on either the WLC or on an external server such as a Cisco Identity Services Engine (ISE). Due to the limited capability of the CNA browser, the content of the page cannot be displayed, and a blank page is shown instead. When the blank page is displayed and the CNA browser is closed, the device disconnects from the wireless network and the user cannot open the full browser page and log in.
Version 184.108.40.206 or higher of the Cisco WLC contains a feature that bypasses the CNA feature on Apple devices. This feature is only available in the command-line interface (CLI).
config network web-auth captive-bypass enable
Reboot the controller for this feature to take effect. The next time a device logs onto the wireless network, the user must manually open a browswer to be redirected to the captive portal.