Captive Portal using client certificates on iOS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Captive Portal using client certificates on iOS

L4 Transporter

Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices).  On the iOS device, when opening the Safari browser to get it to auth to captive portal, I get the pop-up that asks me to select the certificate to use for authentication.  The issue we're having is that the certificate window pops up two more times(have to select the certificate a total of three times) before the captive portal finally authenticates me.  Obviously, this will not be acceptable for a production network.  Anyone have any insight?

1 accepted solution

Accepted Solutions

L5 Sessionator

Hi ,

If Captive portal (appweb) does not receive an auth response within 3 seconds, the firewall will close the socket by default.

In case of SLOW auth servers, the timeout value may need to be changed. This can be accomplished with the following command:

# set deviceconfig setting l3-service timeout

  <value>  <3-30> timeout in seconds for l3 services


Hope this helps resolve the issue both of you are seeing. Please let us know how it goes.



Thanks

Numan

View solution in original post

2 REPLIES 2

L3 Networker

I have an open case with the same issue. It appears that the captive portal will only wait about 3 seconds for the client to send it's certificate before the connection is terminated by the firewall. I'm still investigating this timeout.

L5 Sessionator

Hi ,

If Captive portal (appweb) does not receive an auth response within 3 seconds, the firewall will close the socket by default.

In case of SLOW auth servers, the timeout value may need to be changed. This can be accomplished with the following command:

# set deviceconfig setting l3-service timeout

  <value>  <3-30> timeout in seconds for l3 services


Hope this helps resolve the issue both of you are seeing. Please let us know how it goes.



Thanks

Numan

  • 1 accepted solution
  • 3920 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!