Built in Captive Portal / Certificate / Walled Garden (ZD3050 / 10.0.66)

  • 1
  • Question
  • Updated 3 months ago
  • (Edited)
Hello Community,

thanks for reading my first post. I have set up a ZD3050 with ~70 APs. Everything worked fine, I have set up severel test WLANs including zero IT to evaulate which soultions would best suit our needs.

I ended up with the built in captive portal. Since ZD throws the Users onto a https landing page, I have created and installed a let ́s encrypt certificate. The ZoneDirecor is reacheable from the internet, and the tested browsers do show a valid certificate without any errors.

But if an android client (tested Android 6, 7, 7.1, 8 and 8.1) connects to the WLAN, the user is presented with an error message claiming the log-in page might not belong to the organisation and that the connection might be insecure. However, if one clicks continue, the captive portal itself loads without any security warnings or invalid certificate notifications.

My second problem is the walled garden function that is available if you choose to use the customized hotspot services. I would like to use the ZD built-in captive portal, but I cannot find the walled garden function anywhere. So I tried to set up a customized hotspot, enable walled garden, and redirected the users to the built-in captive portal URL. This almost works :-) - users can log in, but then they are presented with a message saying please wait ... and nothing more happens.

Can anyone point me into the right direction or help me out with a hint how to overcome these problems ?

Thanks a ton,

Chris

(forgive me if the error messages do not match the English versions, I have tried to translate from German)
Photo of Chris Peter

Chris Peter

  • 2 Posts
  • 0 Reply Likes

Posted 3 months ago

  • 1
Photo of Igor Tunakin

Igor Tunakin

  • 33 Posts
  • 9 Reply Likes
Hi,
ZD has by default an Internal CA preinstalled. If you don’t want your clients see the warning page, you have to create (for small money) and install a Certificate on ZD:
https://support.ruckuswireless.com/answers/000001837

The walled garden function is only available in Hotspot Services
Photo of Chris Peter

Chris Peter

  • 2 Posts
  • 0 Reply Likes
Hello Igor,

thanks for replying. You might have not fully understood my post, so I try to clarify my two points again :

1.) I have installed a let ́s encrypt certificate. The certificate is valid, and no browser throws an error. Only Android clients get a warning BEFORE the browser is launched saying that the login page might not belong to the organisation.

2.) I know there is a walled garden functionality in Hotspot Services. I try to set this up. I try to use this with the bulit in authentication page, since ZD is using my radius server to authenticate the users. This all works. The only problem is that the users do not get redirected after login. Can I pass a parameter to the built-in login page to redirect them to a standard page, i.e. google ?

It would be nice to hear from you (or anyone else) that can help me with these problems.

Kind regards,

Chris