Help
Wireless Controller
Dedicated Wi-Fi control and management for high density and mobility
gkaur
Staff
Staff

Created on ‎12-02-2015 12:50 AM

Article Id 191779

Meru Technical Note - FQDN does not appear after Captive Portal Authentication

Description

FQDN doesn’t appear after Captive Portal Authentication?


Scope

KB ARTICLE TYPE: Troubleshooting

RELATED PRODUCTS: All Meru controllers

RELATED SOFTWARE VERSIONS: All Software versions

KEYWORDS: Captive portal, web interface, CLI


Solution
STEP 1: Configure “webauth” for the security profile and map it to the ESS profile.

STEP 2: Ensure that the wireless clients get the correct IP address along with the DNS server IP after connecting to the Captive Portal SSID. Also ensure that the DNS is capable of resolving the IP address of the Controller to FQDN.

STEP 3: For Example: Configure Controller’s IP address as “10.10.158.50” hostname as “meru” and the DNS name as “merulab.com” so FQDN of the controller would be "meru.merulab.com"

STEP 4: Configure the forward and reverse lookup for the Controller name on the DNS.

10.10.158.50 --- > meru.merulab.com

meru.merulab.com ---- > 10.10.158.50.

STEP 5: Now configure the certificate for the controller with the FQDN of the controller in order for these changes to take effect. Follow steps 6 through 10 to import the third party CA.

STEP 6: Navigate to Certificate Management > Server Certificate >Click "Add" and then fill the CSR that has to be signed by CA (Certificate Authority). Make sure that the Alias name is only character (to make things simple). E.g.: You can have alias name as “meru” and then have the common name (CN) as FQDN of the controller (meru.merulab.com).

STEP 7: Save the file as alias_name.csr (Eg: meru.csr) and send it to the CA.

STEP 8: A Trusted Root CA and the CA certificate (of .p7b, .cer format) would be created. Save the CA certificate as alias_name.cer

STEP 9: Import the Trusted Root CA by navigating to the Certificate Management > Trusted Root CA> Import the file. The trusted root CA would be of .p7b format.

STEP 10: Again navigate to Certificate Management >Server Certificate > Pending CSR and make sure that the alias name is the same and enable the checkbox "Include chain of Trust" and import the alias_name.cer file that was created in Step 7.

Now the certificate is imported successfully

Assigning a Server Certificate to an Application:

Follow steps 11 through 14 to assign the Server Certificate for use by Captive Portal or Web Administration or Web Administration and Management:

STEP 11: Highlight the Certificate in the Server Certificates list.

STEP 12: Click Used By. The User Applications dialog displays.

STEP 13: Click to select the Captive Portal or Web Administration & Management Application entry or shift-click to select both.

STEP 14: Click Apply and Close.

NOTE: The Apache Web Server needs to be restarted after successfully assigning a certificate to be used by Captive Portal and/or Management Applications.

Log on to the controller through web interface and click on CLI (at top right section), choose "Restart Web Server" and click on Run.

RESOLUTION: The next screen of the browser after captive portal authentication will now have the FQDN of the controller in the address bar.


Labels:
1533
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.