URL Continue and Affect on Applications

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

URL Continue and Affect on Applications

L6 Presenter

Does anyone have any information on the functionality of an application say facebook or netflix on a phone (Android/IOS) where the traffic also goes through a URL policy that has those websites in a "Continue" function?

 

Currently the Netflix application just "spins" on an IOS device I've tested so far.

4 REPLIES 4

Cyber Elite
Cyber Elite

This issue was present when we had a "Continue" URL Policy included on our Guest wireless network and the same thing was happening, since it was running through an application and not a browser it never got to the URL Filtering Continue page. Eventually we just switched the URL Policy as we weren't actively trying to monitor anything across the Guest network anyways and we only really wanted it to be desplayed to our internal users. 

 

This is the same issue I'm running into as well.  My company doesn't necessarily want to block these apps on "guest" networks, but provide the splash screen and allow them to continue if "required."

 

So it's been your experience it didn't work either?

Would an intiial captive protal be useful in this case? Just have the guests open a browser and see the companies terns and conditions, once they click I agree, no more continue pages?

 

Just a thought.

It's a good thought but we already have a Guest regristration process, and honestly I'm not certain how captive portal would play into the "continue" function.

 

I ended up opening a ticket and found the issue.  It makes sense, but I didn't realize SSL interception was necessary for the "continue" function.

 

For our non-corporate networks, BYOD, we obvious can't intercept that traffic.  Since the sites I was trying to force through continue were SSL I was getting SSL protocol errors in the web browser.

 

I guess there are some other settings that were required which I already had configured except one.  Via CLI I needed:

 

ssl-decrypt url-proxy yes

 

This allows any website to be processed for interception (only for  which allows the continue function to work.  The one caveate to this is BYOD get the MITM cert error because we're using an internally signed cert for interception and they don't have our root cert on their device.  However in our case that's fine, because we'd rather make them click to continue.

 

--EDIT--

 

"continue" breaks applications.  So for instance you want to continue Facebook, well doing so breaks the application on a smartphone.  So just an FYI for someone trying to do so on BYOD.

  • 1868 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!