We have been working with Ruckus and Cloudpath on this issue as well.
These are the web addresses we allow to make google play and a few other
things accessible. You basically have to open up everything to google but
google.com
2 ocsp.digicert.com EditClone
3 crl3.digicert.com EditClone
4 crl4.digicert.com EditClone
5 *.play.google.com EditClone
6 *.ssl.gstatic.com EditClone
7 *.android.clients.google.com EditClone
8 *.googleusercontent.com EditClone
9 *.ggpht.com EditClone
10 *.geotrust.com EditClone
11 *.appengine.google.com EditClone
12 *.settings.crashlytics.com
EditClone
13 *.googleapis.com EditClone
14 *.cloud.google.com EditClone
15 *.gvt1.com EditClone
16 *.android.com EditClone
17 passwordreset.lamar.edu EditClone
18 *.amazon.com EditClone
Jacob Bennefield, BBA
Manager of Network Services
Lamar University
<mailto:[email protected]> [email protected]
Phone: 409-880-7997
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[email protected]] On Behalf Of Turner, Ryan H
Sent: Friday, May 29, 2015 9:01 AM
To: [email protected]
Subject: [WIRELESS-LAN] google play ACL
Hello all,
I've asked this question in the past, got some answers, attempted to
implement some solutions, and have ultimately been disappointed with the
results.
Our problem: We have a limited access onboarding SSID. Currently, users
must download the cloudpath agent directly from OUR server, requiring them
to configure their devices to allow non google market place applications.
I am attempting to streamline the onboarding process by allowing access to
google play directly to download the onboarding application, but am
failing miserably. I have put up the white flag and opened up most of
google, but now I am finding that through a combination of cache servers,
and Samsung devices that appear to query for their own app store first, my
results work only half the time.
Has anyone else figured out a way to solve this madness? We are not going
to open up the SSID to everything, because people would just use it and
not the proper wireless.
Ryan H Turner
Senior Network Engineer
The University of North Carolina at Chapel Hill
CB 1150 Chapel Hill, NC 27599
+1 919 445 0113 Office
+1 919 274 7926 Mobile
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
CONFIDENTIALITY: Any information contained in this e-mail
(including attachments) is the property of The State of Texas and
unauthorized disclosure or use is prohibited. Sending, receiving or
forwarding of confidential, proprietary and privileged information is
prohibited under Lamar Policy. If you received this e-mail in error,
please notify the sender and delete this e-mail from your system.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
