This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Captive Portal using client certificates on iOS

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Captive Portal using client certificates on iOS

Go to solution
jambulo
L4 Transporter

‎11-05-2013 01:39 PM

Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices).  On the iOS device, when opening the Safari browser to get it to auth to captive portal, I get the pop-up that asks me to select the certificate to use for authentication.  The issue we're having is that the certificate window pops up two more times(have to select the certificate a total of three times) before the captive portal finally authenticates me.  Obviously, this will not be acceptable for a production network.  Anyone have any insight?

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
mbutt
L5 Sessionator

‎11-06-2013 08:40 AM

Hi ,

If Captive portal (appweb) does not receive an auth response within 3 seconds, the firewall will close the socket by default.

In case of SLOW auth servers, the timeout value may need to be changed. This can be accomplished with the following command:

# set deviceconfig setting l3-service timeout

  <value>  <3-30> timeout in seconds for l3 services


Hope this helps resolve the issue both of you are seeing. Please let us know how it goes.



Thanks

Numan

View solution in original post

0 Likes Likes
2 REPLIES 2

Go to solution
NoahMH
L3 Networker

‎11-06-2013 07:45 AM

I have an open case with the same issue. It appears that the captive portal will only wait about 3 seconds for the client to send it's certificate before the connection is terminated by the firewall. I'm still investigating this timeout.

Go to solution
mbutt
L5 Sessionator

‎11-06-2013 08:40 AM

Hi ,

If Captive portal (appweb) does not receive an auth response within 3 seconds, the firewall will close the socket by default.

In case of SLOW auth servers, the timeout value may need to be changed. This can be accomplished with the following command:

# set deviceconfig setting l3-service timeout

  <value>  <3-30> timeout in seconds for l3 services


Hope this helps resolve the issue both of you are seeing. Please let us know how it goes.



Thanks

Numan

0 Likes Likes
  • 1 accepted solution
  • 4349 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks