Captive Portal using client certificates on iOS

Reply
L4 Transporter

Captive Portal using client certificates on iOS

Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices).  On the iOS device, when opening the Safari browser to get it to auth to captive portal, I get the pop-up that asks me to select the certificate to use for authentication.  The issue we're having is that the certificate window pops up two more times(have to select the certificate a total of three times) before the captive portal finally authenticates me.  Obviously, this will not be acceptable for a production network.  Anyone have any insight?

L3 Networker

Re: Captive Portal using client certificates on iOS

I have an open case with the same issue. It appears that the captive portal will only wait about 3 seconds for the client to send it's certificate before the connection is terminated by the firewall. I'm still investigating this timeout.

Highlighted
L5 Sessionator

Re: Captive Portal using client certificates on iOS

Hi ,

If Captive portal (appweb) does not receive an auth response within 3 seconds, the firewall will close the socket by default.

In case of SLOW auth servers, the timeout value may need to be changed. This can be accomplished with the following command:

# set deviceconfig setting l3-service timeout

  <value>  <3-30> timeout in seconds for l3 services


Hope this helps resolve the issue both of you are seeing. Please let us know how it goes.



Thanks

Numan

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!