No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Portal Authentication Failure on iOS

Publication Date:  2019-07-04 Views:  2690 Downloads:  0

Issue Description

During Portal authentication, some iOS devices detect Wi-Fi networks and display the Portal authentication page. After users enter their user names and passwords, no authentication results are displayed, and the icon indicating Wi-Fi connection is not displayed, either. The iOS devices then switch to the 3G network.

Handling Process

Step 1 Open the Portal authentication page using a browser on the server. Enter a user name and password to check authentication of this account. After the authentication is successful, check RADIUS online logs. Ensure that no errors are displayed, then force this user account to go offline.

Step 2 Test Portal Authentication on a PC and an Android mobile phone. No problems are found.

Step 3 Check whether Safari is enabled in the settings of iOS devices. Safari is enabled.

Step 4 To support the processing mechanism of the iOS system, add the following command in the system view on the access controller (AC):

   [AC6605] Portal captive-bypass enable


Root Cause

After connecting to a Wi-Fi network, an iOS device attempts to access a specified website to check network connectivity.

 If the network is well connected, an icon indicating Wi-Fi connection is displayed in the status bar of the iOS device.
 If the network is disconnected, web page redirection may be implemented. The iOS device can connect to the network only after passing authentication on the redirected page. If the authentication fails, the iOS device will be disconnected from the current hotspot. This function provided by Apple is called Captive Network Assistant (CNA) or Captive Web Portal (CWP). If the user clicks Cancel on the Portal authentication page, or does not submit for authentication immediately after entering the user name and password, the iOS device considers the authentication fails and disconnects from the current hotspot.

After the Portal captive-bypass enable command is added, the AC automatically permits the specified website that the iOS device attempts to access before successful authentication. The iOS device then detects that the network is well connected and therefore will not disconnect from the Wi-Fi network. The user can attempt Portal authentication, and can access network resources in the post-authentication domain after successful authentication.