Captive Portal for HTTPS traffic

Reply
L2 Linker

Captive Portal for HTTPS traffic

Hi there,

 

Is it possible to enforece browser challange for Cpative Portal for HTTPS traffic with out SSL inspection on the firewall? 

 

Regards,

Nagarjuna 

L7 Applicator

Re: Captive Portal for HTTPS traffic

Hello,

The captive portal is really only used for user-id mappings. What are you attempting to accomplish by this?

 

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/user-id/map-ip-addresses-to-users/map-ip-a...

 

Regards,

Highlighted
L5 Sessionator

Re: Captive Portal for HTTPS traffic

Hey @nagarjuna.b,

 

The only other alternative to SSL decryption would be the URL proxy feature. But this still requires a CA certificate marked as forward trust which the clients have to trust. Past that you're literally trying to break what SSL was designed for ;)

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFKCA0

 

Cheers,

Luke.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!