https://live.paloaltonetworks.com/t5/general-topics/captive-portal-for-https-traffic-without-ssl-decryption/m-p/374749#M89111 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/24977">@Carracido</a>,</P> <P>You need to decrypt the traffic to effectively redirect to the captive portal correctly. If office politics aren't allowing you to setup decryption, you could potentially just setup a decryption rule for unknown users. This would allow the captive portal to be fed to the user correctly when visiting HTTPS sites while still NOT decrypting traffic as long as the user is identified. That might be an acceptable compromise to get things working correctly and still meet requirements to not decrypt traffic?&nbsp;</P> Wed, 16 Dec 2020 18:02:07 GMT BPry 2020-12-16T18:02:07Z https://live.paloaltonetworks.com/t5/general-topics/captive-portal-for-https-traffic-without-ssl-decryption/m-p/374713#M89106 <P>Dear community,</P><P>&nbsp;</P><P>I´m currently facing this challengue:</P><P>Do you know whether it´s possible to have captive portal working for https traffic without using SSL decryption?</P><P>&nbsp;</P><P>This requirement is not clear in the admin guide but I understand it is according the the article below:</P><P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClevCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClevCAC</A></P><P>&nbsp;</P><P>Due to some internal policies deploying SSL decryption wouldn´t be feasible so I´d really appreciate your answers on this topic.</P><P>&nbsp;</P><P>Thank you!</P> Wed, 16 Dec 2020 15:26:34 GMT https://live.paloaltonetworks.com/t5/general-topics/captive-portal-for-https-traffic-without-ssl-decryption/m-p/374713#M89106 Carracido 2020-12-16T15:26:34Z https://live.paloaltonetworks.com/t5/general-topics/captive-portal-for-https-traffic-without-ssl-decryption/m-p/374749#M89111 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/24977">@Carracido</a>,</P> <P>You need to decrypt the traffic to effectively redirect to the captive portal correctly. If office politics aren't allowing you to setup decryption, you could potentially just setup a decryption rule for unknown users. This would allow the captive portal to be fed to the user correctly when visiting HTTPS sites while still NOT decrypting traffic as long as the user is identified. That might be an acceptable compromise to get things working correctly and still meet requirements to not decrypt traffic?&nbsp;</P> Wed, 16 Dec 2020 18:02:07 GMT https://live.paloaltonetworks.com/t5/general-topics/captive-portal-for-https-traffic-without-ssl-decryption/m-p/374749#M89111 BPry 2020-12-16T18:02:07Z