We have configured the captive portal for category 'Adult and Pornography' . Our question is, will the captive portal start every time or only when you are an unknown user? If the user is known (using Active Directory), is the user still being prompted with the 'User Identification Portal' Continue page?
The user can be know using 3 diff ways User-id agent, captive portal and gp. So if the user not know either by user-id agent or Global Protect(ssl vpn client) they should be hitting your Captive portal rule.
following docs will help:-
The captive portal rules identify the sources destinations and destination ports that captive portal will be applied to or suppressed. This only kicks in if PA does not have a user-id to IP mapping. (as mentioned by previous posts) Since it is not possible to define all the IP addresses of "adult content sites" this approach will not work well. The other approach is to force captive portal on everyone and use AD group membership to control who can go to adult content sites. Alternatively you can require them to provide a password (action = override) to access that url category. Risk here is you don't know who is using the password and if it is being shared. Hope this helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!