IOS phones do not connect correctly to the SSID

SDT_Isai_Roa
Comes here often

IOS phones do not connect correctly to the SSID

Hello community, I am looking for your help with some problems with IOS devices.

 

I am reporting connection problems from IOS devices against the SSID they have with external captive portal authentication.

 

The devices detect the insecure network and do not load the captive portal interface preventing proper authentication.

This external authentication solution is done because the customer is a hotel and requires the captive portal for active guests in the hotel.

 

I am looking for your help if within the SSID configuration there is a way to present the SSID in a way that the IOS OS will detect the secure SSID for the connection.

 

Thank you.

4 REPLIES 4
alemabrahao
Kind of a big deal
Kind of a big deal

Is the portal using a valid or self-signed certificate?

 

Does the Device have the Root CA certificate installed?

cmr
Kind of a big deal
Kind of a big deal

Do you have a password, or is the network open (to the splash page)?  I'd suggest setting a pre shared key on the SSID.

Maumarti
Meraki Employee
Meraki Employee

Si es hotel, comúnmente el SSID no tiene password (está abierto), y se invoca un portal cautivo externo ("splash page"). Para interactuar adecuadamente con ese portal cautivo externo, y ver ejemplos de configuración del SSID, puedes revisar la siguiente documentación:

https://developer.cisco.com/meraki/captive-portal-api/overview/

 

A veces hay que poner algunos dominios en el "walled garden".

Puedes revisar también esta documentación.

 

No me parece que haga sentido poner un preshared key, que haría la experiencia de conectarse a la red más compleja (tener q meter un password + tener que lidiar con el tema del splash page, que probablemente pida credenciales que el hotel está dando)

cmr
Kind of a big deal
Kind of a big deal

@Maumarti I'd beg to disagree as an open network is insecure by design and none of our employees would be allowed to use it.  I also wouldn't use it personally.  Sometimes a little security is a little sensible.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.