I have a very weird situation perhaps you all can help with.
I’m running OS X server which has CardDAV and CalDAV services to various Macs and iOS devices.
Occasionally, I’m seeing that a device inside the LAN (which is making a request to the server over SSL on port 8443) is coming up with a “certificate mismatch error” and when I look at the certificate details, i’m seeing “captive-portal.peplink.com”.
- Captive Portal is disabled
- The IP address that is accessed has Inbound Access / Port forwarding set up properly.
- This issue only happens on devices on LAN. For example on my iPhone, I can trigger the error on WiFi on the LAN, but if I turn off WiFi and use the cellular network (which is then accessing via WAN) I don’t see it happen.
- DNS problem? If for some reason the Peplink was returning its own IP address (instead of the IP address of my server) then I could see how it would deliver the wrong SSL certificate. I did make some DNS changes about to weeks ago, but have rebooted everything multiple times since then.
- Inbound Access / Port Forwarding bug? Could it be that in some cases, a device on the LAN does not receive the benefits of port forwarding when accessing an IP address and Port that is on the WAN side?
I’m stumped here - anyone else seen similar issues?