https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/529406#M109290 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/56221">@raji_toor</a>&nbsp;,</P> <P>&nbsp;</P> <P>For captive portal , you can create an authentication policy rule with the zones available in your firewall.&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JayGolf_0-1675225365857.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/47567i3563208AF35012B1/image-size/medium?v=v2&amp;px=400" role="button" title="JayGolf_0-1675225365857.png" alt="JayGolf_0-1675225365857.png" /></span></P> <P>&nbsp;</P> <P>Here is a doc on <A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/map-ip-addresses-to-usernames-using-captive-portal/configure-captive-portal" target="_self">configuring captive portal</A>.&nbsp;</P> <P>&nbsp;</P> <P>As far as <A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/device/device-response-pages" target="_self">response pages</A>, those are created for internal users try to access a URL.</P> Wed, 01 Feb 2023 04:25:38 GMT JayGolf 2023-02-01T04:25:38Z https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/528851#M109186 <P>Can response pages be considered for External/Public facing interface or is it a complete no.</P> <P>We want to use captive portal to authenticate certain users for certain systems.</P> Fri, 27 Jan 2023 11:36:35 GMT https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/528851#M109186 raji_toor 2023-01-27T11:36:35Z https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/529406#M109290 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/56221">@raji_toor</a>&nbsp;,</P> <P>&nbsp;</P> <P>For captive portal , you can create an authentication policy rule with the zones available in your firewall.&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="JayGolf_0-1675225365857.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/47567i3563208AF35012B1/image-size/medium?v=v2&amp;px=400" role="button" title="JayGolf_0-1675225365857.png" alt="JayGolf_0-1675225365857.png" /></span></P> <P>&nbsp;</P> <P>Here is a doc on <A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/map-ip-addresses-to-users/map-ip-addresses-to-usernames-using-captive-portal/configure-captive-portal" target="_self">configuring captive portal</A>.&nbsp;</P> <P>&nbsp;</P> <P>As far as <A href="https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/device/device-response-pages" target="_self">response pages</A>, those are created for internal users try to access a URL.</P> Wed, 01 Feb 2023 04:25:38 GMT https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/529406#M109290 JayGolf 2023-02-01T04:25:38Z https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/529416#M109293 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/220841">@JayGolf</a>&nbsp; Yes they were traditionally meant for internal users. But does exposing response pages externally posses a increased risk if exposed on public interface, this is what I am looking for. We have GlobalProtect portal too exposed from the firewall, does exposing response page would be any different.</P> <P>&nbsp;</P> <P>For the usecase it can work as possible access method which Cloud Identity Engine and MFA to access an internal resource or add authentication to an unauthenticated website.</P> Wed, 01 Feb 2023 06:35:25 GMT https://live.paloaltonetworks.com/t5/general-topics/response-pages-on-external-public-interface/m-p/529416#M109293 raji_toor 2023-02-01T06:35:25Z