M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

 
SOLVED
Go to solution
Highlighted
Advisor

MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

I have a MSM765zl with MSM422 APs currently working, with the exception of Apple iPad and iPhone users. I'm using HTML-based user logins with the authentication handled by my backend RADIUS servers. When 'normal' clients connect to the SSID, they are given a DHCP address and then need to open a browser to login via HTML-auth. That works great.

When an iPhone/iPad client connects to the SSID, a web browser automatically comes up (after a few seconds) at which they type in their login credentials. From the MSM765 management interface, I see that they are connected and authenticated. But on the client the Session Information screen (username, ipaddress, state, time and byte counters) is displayed but nothing else. On 'normal' clients, this is a separate window once the broswer is opened and authenticated.

This works correctly on older (pre Apple OS 4) iPod touchs, but once they are updated to OS3 (or I'm assuming the new iOS4) they fail in the same way.

I'm starting to think that I'll need to ditch the HTML-based auth, but I would really like to keep it if I could.
Anyone else seen this problem, and better yet solve it?
Tom
10 REPLIES 10
Highlighted
Advisor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Forgot to add that while the session information screen is displayed, the Username and IP address fields are blank and the State field is 'Logged Out' after entering the login info.
Highlighted
Trusted Contributor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

What SW version do you have? I believe this was fixed in the latest/more recent version of the SW (v5.4)
Highlighted
Advisor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

I'm currently running 5.3.5.0-01-7943, I'll need to see about buying the update to 5.4.
Thanks!
Tom
Highlighted
Trusted Contributor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Check with support first to really make sure it fixes your issue ;) I haven't tried it yet...
Highlighted
Trusted Contributor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Hum, I just tried it on my setup and it worked. I have an iPod touch OS 3.1.2. I figured that you may be confused with the way the page flow is displayed.

On a regular PC browser, you get the session page and the destination page in 2 separate windows. The session page being spawn as a popup window off the login page and the destination page (the original URL that you wanted to go to) is refreshed in the main window.

The iPod/iPad safari browser support is much simpler as windows open up in separate "tabs" or equivalent.

Therefore the session popup window become what you primarily see on the screen, but you should check on the "number of opened windows" icon on the bottom right and you should see a "2" in there. If you click on the icon and go back to the first window, you will see it has been refresed with the content of your original URL. This behavior is consistent with the default experience of the MSM product on regular PC browsers, just that it is slightly different due to the way the iPod/iPad OS and Safari is implemented on these mobile devices.

If you don't want this behavioe, then you can edit/change the HTML of the login page on the controller to avoid displaying the session page (for example) and I'm pretty sure it will work (you would get only a single window in that case and get redirected to the destination URL)
Highlighted
Advisor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Fred, can you check on your 765zl config page (Controller/Public access/Web content) to see if you have 'Redirect users to the Login page via:' checked as HTTP or HTTPS?
We've found that if it's set to HTTPS (I am still using the self-signed cert in the controller) that it acts like the iPod v2.0, in that you select the wireless SSID, it assigns an IP address, then you go to home and select Safari and it then brings up the login window.
If, on the other hand, you have HTTP selected, after selecting the SSID the iDevice waits for a second or two, then brings up a browser window with the login panel. Different operation in that you don't click on the home button and then select Safari. The problem is, this browser window isn't full Safari so you don't have multiple tabs or windows.

I'm not sure why it's different depending on the HTTP vs HTTPS setting in the web content admin page. I'm worried that I'll get the HTTP window behavior once I get a real cert.

I think I'll have to recode the web content to just remove the session window.
Tom
Highlighted
Trusted Contributor
Solution

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Yes, I've checked and it is exactly as you have described. However if you remove the session window from the HTML what happens is that you get the login page, then once logged in it goes back to the network page.. you can then exit and lunch a safari after that.. seems to work well... So definitely tweaking the page is the way to go.. I believe you can also check with a javascript the browser signature and detect whether it is an iPod/iPad or a real computer and kick off the session page or not depending on what you need.
Highlighted
Advisor

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Fred, thanks for the confirmation. Even though we will be using https for the login, I'm going to go ahead and recode the index.asp file to detect for mobile clients and not bring up the session page.

That brings up another problem, but since it's not specific to this issue, I'll close this out and start a new thread.
Tom
Highlighted
New Member

Re: MSM765zl + MSM422 and HTML auth with Apple iPads/iPhones

Hi Tom -

Did you ever resolve the iPad problem? Can you share details of any changes to the MSM HTML pages?

We're having trouble getting iPads to stay connected to the MSM422's. Guest access seems fine for "standard" clients (PC's running Internet Explorer).

Our environment:

MSM710 controllers
software version 5.3.5.30-01-8051
MSM422 access points

Use controller for both authentication and access control
Client data tunnel: yes
Wireless protection: none
Wireless security filters: enabled
DHCP Server: enabled, taken from global settings

Thanks!