topic Meta Apps bypassing Captive Portal Authentication in Next-Generation Firewall Discussions https://live.paloaltonetworks.com/t5/next-generation-firewall/meta-apps-bypassing-captive-portal-authentication/m-p/1223923#M5688 <P>Hi Everyone,</P> <P>&nbsp;</P> <P>I am asking your expert advise on this issue:</P> <P>&nbsp;</P> <P>We have an AP in bridge mode that is directly connected to Palo Alto. The firewall acts as the dhcp server and the AP just extends/bridges the network wirelessly. This setup is for Wireless Connection of Guest users with a separate zone as well. We created only one common guest user and password to simplify it.</P> <P>&nbsp;</P> <P>We followed the KB article:&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC" target="_blank" rel="noopener">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC</A>&nbsp;to create a captive portal and it was successul.</P> <P>&nbsp;</P> <P>However, the issue that we encountered is that when the end-users connect to the WiFi, they were able to access Meta Apps like Messenger and Instagram, even without logging their credentials in the captive portal after being redirected to the portal.</P> <P>&nbsp;</P> <P>Any ideas on how to solve this one? Thank you</P> <P>&nbsp;</P> <P>#ngfw #pa3220&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>Any ideas on how to solve this one? Thank you.</P> Sun, 16 Mar 2025 06:26:53 GMT zedexxx 2025-03-16T06:26:53Z Meta Apps bypassing Captive Portal Authentication https://live.paloaltonetworks.com/t5/next-generation-firewall/meta-apps-bypassing-captive-portal-authentication/m-p/1223923#M5688 <P>Hi Everyone,</P> <P>&nbsp;</P> <P>I am asking your expert advise on this issue:</P> <P>&nbsp;</P> <P>We have an AP in bridge mode that is directly connected to Palo Alto. The firewall acts as the dhcp server and the AP just extends/bridges the network wirelessly. This setup is for Wireless Connection of Guest users with a separate zone as well. We created only one common guest user and password to simplify it.</P> <P>&nbsp;</P> <P>We followed the KB article:&nbsp;<A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC" target="_blank" rel="noopener">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC</A>&nbsp;to create a captive portal and it was successul.</P> <P>&nbsp;</P> <P>However, the issue that we encountered is that when the end-users connect to the WiFi, they were able to access Meta Apps like Messenger and Instagram, even without logging their credentials in the captive portal after being redirected to the portal.</P> <P>&nbsp;</P> <P>Any ideas on how to solve this one? Thank you</P> <P>&nbsp;</P> <P>#ngfw #pa3220&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>Any ideas on how to solve this one? Thank you.</P> Sun, 16 Mar 2025 06:26:53 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/meta-apps-bypassing-captive-portal-authentication/m-p/1223923#M5688 zedexxx 2025-03-16T06:26:53Z