https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38420#M28143 <HTML><HEAD></HEAD><BODY><P>Another thought. If you know the MAC addresses of these specific hosts then you can set your DHCP to assign specific IPs to those host MACs. Preferably you can put those static host mappings such that they would fall into a specific IP subnet or range. Then configure a no-captive-portal rule for just that host range.</P><P></P><P>-Richard</P></BODY></HTML> Sun, 06 Nov 2011 03:53:46 GMT Retired Member 2011-11-06T03:53:46Z https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38418#M28141 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P>A client have a several computers with a generic user that logon automaticaly. Actually, with a ISA Server configured as explicit user, the browser prompts user/pass data to access to Internet. What can I do with PaloAlto to make the same? Captive portal is not a solution because all the computers are configured with DHCP option, and I can't configure captive portal for source user, only source ip.</P><P>Any idea?</P><P>Thanks</P></BODY></HTML> Fri, 04 Nov 2011 21:08:01 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38418#M28141 COMIP 2011-11-04T21:08:01Z https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38419#M28142 <HTML><HEAD></HEAD><BODY><P>You can choose source zone and source address via CP and based on your statement, you should be selective in your choice of IP addresses to be captive portaled.</P></BODY></HTML> Sun, 06 Nov 2011 03:10:54 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38419#M28142 gswcowboy 2011-11-06T03:10:54Z https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38420#M28143 <HTML><HEAD></HEAD><BODY><P>Another thought. If you know the MAC addresses of these specific hosts then you can set your DHCP to assign specific IPs to those host MACs. Preferably you can put those static host mappings such that they would fall into a specific IP subnet or range. Then configure a no-captive-portal rule for just that host range.</P><P></P><P>-Richard</P></BODY></HTML> Sun, 06 Nov 2011 03:53:46 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38420#M28143 Retired Member 2011-11-06T03:53:46Z https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38421#M28144 <HTML><HEAD></HEAD><BODY><P>Good point Richard but correct me if I'm wrong but doesn't he want the redirect page to be provided to the end-users?</P></BODY></HTML> Sun, 06 Nov 2011 03:57:54 GMT https://live.paloaltonetworks.com/t5/general-topics/authentication-for-generic-user-account/m-p/38421#M28144 gswcowboy 2011-11-06T03:57:54Z