Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however this appears to allow all outbound web traffic on the client, whereas I'm looking for it to continue blocking outbound web traffic except for the browser that initiated the authentication session.
For example, if I've authenticated via Firefox, I'm able to get to outbound sites, however I'd like to have Chrome/Windows Updates/other services that utilize http/https on the same box to still require authentication.
That level of granularity isn't available and would be easy enough to bypass if you knew what you were doing and could fake an agent string. But to directly answer your question, no this isn't something that can be done from the firewall.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!