PAN-OS 10.5 WiFi HotSpot

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

PAN-OS 10.5 WiFi HotSpot

L1 Bithead

Hello World,

 

I am simply attempting to setup a portal to where my guest are able to accept the terms of service in order to access the internet. 

 

Is this possible with Palo Alto? I've done this on other vendor platforms and it wasn't rocket science to achieve this. 

 

Upon my research I ran across the following links. 

However, they explained that it only worked on PAN-OS 6-7 I believe. 

 

Any help would be greatly appreciated it even it it's just pointed me in the right direction. I also read that captive portal wasn't the best method to use to accomplish this. 

 

Thanks for all responses. 

2 accepted solutions

Accepted Solutions

Cyber Elite
Cyber Elite

 

@BOBBY_DIGITAL 

I'm very much of the opinion that the firewall isn't the best way to do this, and while you can use Captive Portal in redirect mode and cookies to handle this sort of setup using solely the firewall it isn't what I would recommend. 

 

 

View solution in original post

Hi @BOBBY_DIGITAL 

If you know a little bit about html and javascript, this task should be possible relatively easy. What you need for this is a local user on the firewall and some adjustments in the captive portal html. In this html I would hide the default form created by paloalto and a new button instead. Then with jquery you set an action for this button that behind the scenes this local user is written into the hidden username and passwort field and then this html form input is sent to the normal destination defined by pan-os.

View solution in original post

4 REPLIES 4

Cyber Elite
Cyber Elite

 

@BOBBY_DIGITAL 

I'm very much of the opinion that the firewall isn't the best way to do this, and while you can use Captive Portal in redirect mode and cookies to handle this sort of setup using solely the firewall it isn't what I would recommend. 

 

 

L1 Bithead

@BPry ,

 

Thank you for your response. While I agree the firewall isn't the best way to do this and my apologies for bringing up other vendors. However, my experience with Sophos, WatchGuard and Fortinet is that they all have this common feature built in. 

 

Again, not a deal breaker. Not even a big issue. I personally thought I was missing something when trying to build out the design for the guest wireless network via Palo. 

 

Thanks

Hi @BOBBY_DIGITAL 

If you know a little bit about html and javascript, this task should be possible relatively easy. What you need for this is a local user on the firewall and some adjustments in the captive portal html. In this html I would hide the default form created by paloalto and a new button instead. Then with jquery you set an action for this button that behind the scenes this local user is written into the hidden username and passwort field and then this html form input is sent to the normal destination defined by pan-os.

L1 Bithead

Thanks for the response. I just installed another firewall that already had it built in. The customer didn't really care about which vendor I proposed to them as a solution. 

 

I will test out your solution in my lab first before trying it out on someone else's network. Again, thanks for all responses. 

  • 2 accepted solutions
  • 5231 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!