Decrypt guest network traffic

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Decrypt guest network traffic

L4 Transporter

Hi,

 

I'm using SSL decryption for domain users and it works perfectly. However, we're having a guest network (wifi) to provide our guests with internet access but we need to decrypt this traffic also. Any suggestion how to do this without forcing the guest to install the certificate? Can I use captive portal to decrypt the guest traffic?

 

I'm opened for any kind of implementations just to decrypt the traffic.

 

Regards,

Sharief

Regards,
Sharief
1 accepted solution

Accepted Solutions

L7 Applicator

There really is no way around having the guests trust your certificate by some method.  Decryption is basically a man in the middle so the cert trust needs to be established.

 

this old thread discusses some of the methods people have used to get the instructions out there for guests to install the necessary certs.

 

https://live.paloaltonetworks.com/t5/General-Topics/SSL-Decryption-getting-spoof-cert-out-to-BYOD-pe...

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

View solution in original post

2 REPLIES 2

L7 Applicator

There really is no way around having the guests trust your certificate by some method.  Decryption is basically a man in the middle so the cert trust needs to be established.

 

this old thread discusses some of the methods people have used to get the instructions out there for guests to install the necessary certs.

 

https://live.paloaltonetworks.com/t5/General-Topics/SSL-Decryption-getting-spoof-cert-out-to-BYOD-pe...

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center

Useful thread that was. Thank you pulukas.

Regards,
Sharief
  • 1 accepted solution
  • 4441 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!