Skip to main content

90 Messages

 • 

1.6K Points

Tue, Oct 18, 2016 6:58 PM

Answered

Apple CNA not working 200.2

Just updated an Unleashed network to 200.2. The guest network is no longer bringing up the authentication screen on Apple devices, users are forced to open a web browser which can cause confusion and unsatisfactory guest experience. I've tried checking if there is a bypass Apple CNA option like on ZD managed networks but I can't find anything.

Can anyone replicate this problem?

Responses

Brand User

2.6K Messages

 • 

44.8K Points

4 years ago

The purpose of Apple CNA is to prevent the pre-browser "thingy" of Apples, that does not trigger WebAuth authentication correctly.

90 Messages

 • 

1.6K Points

I did some digging myself. According to 200.2 Release Notes Known Issues:

"The pre-launch browser is not appearing when the Bypass Apple CNA feature is disabled for WISPr and Guest Access authentication. This means that users will have to launch a Safari browser window to be able to complete guest authentication. [UN-444]"

Michael Brado, any idea when this known bug is going to be fixed? This has quite an impact on the guest user experience. 

90 Messages

 • 

1.6K Points

4 years ago

Right...which I don't want to "prevent". Tpically there is an option to bypass Apple cna or not, but I don't see the option to enable/disable. In 200.1 when I connected to guest network, it promptly brought up authentication page without having to launch safari, which is my intended behavior.
Brand User

2.6K Messages

 • 

44.8K Points

4 years ago

Sorry I didn't recall that Release Note caveat.

Please open a ticket with our Tech Support, and cite the UN-444 bug and your business impact,
so the Priority gets raised.  That is the best way to get visibility into the developers, to get a 200.2
refresh/patch build asap.  Thank you.
Brand User

2.6K Messages

 • 

44.8K Points

4 years ago

Hello,

   I've followed the UN-444 "bug" to learn it's related to ZD 9.13 new "feature" to allow HTTPS
URLs for Guest Access redirection.  For Guest WLAN the client HTTP request gets translated
to HTTPS by ZD/Master AP, and won't trigger Apple pre-launch browser.  Users need to open
Safari to finish guest authentication.  This is a limitation for ZD 9.13 and Unleashed 200.2 today,
that DevEng are researching for a possible fix, hopefully by the next release.

  It would still be helpful if you open a ticket, that can be linked to the bug for visibility, that helps
drive priorities.

90 Messages

 • 

1.6K Points

I submitted a ticket and its status has been updated to "defect". Hopefully this gets resolved soon. 

3 Messages

 • 

112 Points

Agreed. This needs remediation or the option of bypassing it altogether like on the ZDs.