This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Chromebook / Chromium - security rules prior to login - network not available

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Chromebook / Chromium - security rules prior to login - network not available

TerryBradford
L1 Bithead

‎01-19-2017 03:23 AM

Hi All, 

 

I'm a newbie on the world of Palo but can't find a way around this issue "yet" so was hoping for some advice.

 

I have around 500 chrombooks and these are all tied into Google Directory services, they work fine etc etc. 

 

however i'm trying to have the devices work through the palo alto with user authentication for browsing which is trackable, this also is resolved by use for a google extension. 

 

The outstanding issue I have is to try and get the users to connect to google so they can authenticate to login to the device, then be limited on what they can browse etc. 

 

The actual issue is that I can't seem to get the login window to display, I suspect it's todo with SSL Decryption and wondered how to go about allowing the device to connect to google just to login - from this point user activity should then be auditable / limited. 

 

 

0 Likes Likes
1 REPLY 1

BPry
Cyber Elite
Cyber Elite

‎01-19-2017 06:41 AM

@TerryBradford If you have these devices on their own subnet and you are currectly getting the proper user-ids to actually come up once they authenticate you could build a rule that lists the user as 'unknown' and filter it to the point where they can only get to the Google login pages. Keep in mind that usually to do this you would have to enable acccess to Google as a whole but I assume that you have the login page set as the default browser page across all chromebooks. 

 

On the SSL decryption issue I tend not to recommend actually decrypting Google services, I've run into to many issues keeping it working without constant maintenance and it's something that I just don't care that much about decrypting in my enviroments. 

0 Likes Likes
  • 1868 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks