Chrome Bypassing Captive Portal for Google Services

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Chrome Bypassing Captive Portal for Google Services

L2 Linker

Hi,

PANOS 4.1.6

Client OS: Windows 7

Client Browser: Google Chrome 21.0.1180.89

I have PAN running with CaptivePortal (Public Certificate with AD Auth profile). Everything works fine when I use Firefox, Chrome and IE (in the case of IE except for the small hitch discussed here in this forum when running on Windows7). I am prompted to Authenticate WebForm without any certificate warning etc etc. How ever when I try gmail.com in chrome (and only in chrome it happens), it simply takes me through and lets me login to gmail and do what ever I want to. Its true for certain other google Apps services ( like Chrome WebStore, Google Analytics etc) too. CaptivePortal is running on Redirect mode on the Trust Interface (l3)

Any thoughts please?

Cheers.

18 REPLIES 18

URL category won't be unknown : it reads URL hostname (not real url which is encrypted) from certificate itself that passes trough, so it will  see *.google.com.

If you are using Macs, then consider GlobalProtect Portal with agents installed on corporate computers.

Looking at the URL Logs, things are working the way expected. But I think, as you said, since https response cant be rewritten (unless ssl decrypt) we cant force a block page..right?

Thanks

Yes you got it right.

GlobalProtect Client for Internet Gateways and Portal might be the answer you are looking for.

I thought about GP earlier, but deploying on corporate and not deploying on consultants will make it hard to manage in over all...So I think will have to live with it for now, by announcing to login to our company http website (which then takes to CP Smiley Happy) who ever have internet issues , probably ...!!

Thanks mate.

  • 9866 Views
  • 18 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!