Captive Portal - Terms of Service

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Captive Portal - Terms of Service

Not applicable

I would like to configure my PA-200 in such a way that when the user tries to browse a web site, he is presented with the captive portal. On this page I would like to display a "Terms of Service" banner telling him about acceptable use etc. I do NOT wish to authenticate individual users.

A simpe banner and an I Accept/Cancel button would suffice. Is there any way to implement this on Palo Alto?

Thanks a lot.


L4 Transporter

Why use captive portal for this?  Captive Portal is a method used for user-to-ip-mapping wherein the user would pass on the credentials for ip-mapping.  Setting all your URL categories to Continue / Override should be more easy...!!!

Hope this helps..!!!


L5 Sessionator

Captive portal is used for ip-user mapping and it is not possible to change the behavior to display only the terms and conditions page. You can achieve this by using URL continue page. You can define your customized URL continue page and then import it to the box.

Not applicable

Thanks guys. I will give this a try tomorrow.

Will it be cached so that the users isnt asked multiple times for different categories?

Also, can this govern other policies, so that the user has to accept before other firewall rules are enabled for him?

"Also, can this govern other policies, so that the user has to accept before other firewall rules are enabled for him?", Can you please elaborate a little more on this.  As per understanding, you want this Acceptance page as and when the user will  open a browser for surfing the internet.

If that is the case, then you will need to attach the URL Filtering profile to all the security rules that allow internet access.

Hope this helps...!!!


I'll try to explain.

When the user connects to the network he should have access to nothing.

When attempting to browse the internet he is presented with a Terms of Use web page where he is asked to accept the conditions.

After the user accepts other policies might be enabled for him allowing him to vpn etc.

Not applicable

I got the problem somewhat resolved.

The only way we could get it to behave properly was with captive portal.

Basically there is a ToS text and a phrase that says you accept these terms by logging on with guest/guest user account.

If only there was a way to revert to regular HTTP instead of using SSL on captive portal...

Hi Anyone,

Is there a way to revert to regular HTTP instead of using SSL on captive portal login page?

I don't think it is possible.

if you choose none as server certificate the firewall will use the local default certificate to provide an SSL connection.

L0 Member

It is complex, but it can be done.

Create local user accounts, point authentication to local.  Then we you make the custom page, just hide their form and create your own with the username and password filled in.  Hide their login button and replace it with your own.  Then setup your onClick to click theirs.  Kind of ridiculous, but it can be done.

Hopefully this makes sense.  I'm not the best at explaining....

Wow what an interesting and creative hack to get a "Terms of service" portal to work with PA! I applaud your ingenuity on this one.

PA should really add this simple feature.

3 years later, does Palo have a cleaner way of doing this very common requirement?



As most of You (from EU) knows tommrow GDRP will apply


Has anyone solution for PANOS 8.x for CaptivePortal with button to accept the terms and authentication?

Could You ahare it?







Noone is using such feature?  I'm pretty sure that You have solution 😉 - please share it..





Hi @_slv_


Do you want to use captive portal only to show terms of service or do you require your users to log in?

  • 36 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!