12-16-2020 07:26 AM
Dear community,
I´m currently facing this challengue:
Do you know whether it´s possible to have captive portal working for https traffic without using SSL decryption?
This requirement is not clear in the admin guide but I understand it is according the the article below:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClevCAC
Due to some internal policies deploying SSL decryption wouldn´t be feasible so I´d really appreciate your answers on this topic.
Thank you!
12-16-2020 10:02 AM
You need to decrypt the traffic to effectively redirect to the captive portal correctly. If office politics aren't allowing you to setup decryption, you could potentially just setup a decryption rule for unknown users. This would allow the captive portal to be fed to the user correctly when visiting HTTPS sites while still NOT decrypting traffic as long as the user is identified. That might be an acceptable compromise to get things working correctly and still meet requirements to not decrypt traffic?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
