https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19781#M14436 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Yes it's possible and it's exactly what I'm doing on my box.</P><P></P><P>FYI, I have a static public IP address and am using many-to-one NAT (PAT) from inside to outside network.</P><P></P><P>Authentications I tried are local, Kerberos and LDAP (so last two with Active Directory integration). All working but the AD integration really helps if you are already using user-id</P><P></P><P>It's a rather basic setup, only captive portal, no NTLM or session cookies.</P><P></P><P>Best regards,</P><P></P><P>Koen.</P></BODY></HTML> Thu, 07 Jun 2012 17:19:04 GMT KP 2012-06-07T17:19:04Z https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19778#M14433 <HTML><HEAD></HEAD><BODY><P>Is it possible to use captive portal to force a user from the untrust side to authenticat before they can see port 22?</P></BODY></HTML> Wed, 13 Jan 2010 22:48:07 GMT https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19778#M14433 SoftwareMedia 2010-01-13T22:48:07Z https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19779#M14434 <HTML><HEAD></HEAD><BODY><P>Captive Portal is more commonly used with traffic going from a trusted to an untrusted zone.&nbsp; It may work with traffic originating in the untrust zone, depending on your network configuration.&nbsp; Please contact Support so that you can discuss your options with them.</P></BODY></HTML> Thu, 14 Jan 2010 01:06:04 GMT https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19779#M14434 nrice 2010-01-14T01:06:04Z https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19780#M14435 <HTML><HEAD></HEAD><BODY><P>Just for interest sake, is this possible and has this been done anywhere?</P></BODY></HTML> Thu, 07 Jun 2012 09:54:16 GMT https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19780#M14435 Quinton 2012-06-07T09:54:16Z https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19781#M14436 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>Yes it's possible and it's exactly what I'm doing on my box.</P><P></P><P>FYI, I have a static public IP address and am using many-to-one NAT (PAT) from inside to outside network.</P><P></P><P>Authentications I tried are local, Kerberos and LDAP (so last two with Active Directory integration). All working but the AD integration really helps if you are already using user-id</P><P></P><P>It's a rather basic setup, only captive portal, no NTLM or session cookies.</P><P></P><P>Best regards,</P><P></P><P>Koen.</P></BODY></HTML> Thu, 07 Jun 2012 17:19:04 GMT https://live.paloaltonetworks.com/t5/general-topics/using-captive-portal-for-untrust-to-trust/m-p/19781#M14436 KP 2012-06-07T17:19:04Z