Thanks Aditi, I've got it working. So the next question - right now I have a "whitelist" rule as the last rule in my security policy. It essentially says "If it's from the Lan to Any other Zone, if it's in the "whitelist" URL Filtering profile allow it, otherwise block it". This is used for a few domains such as antivirus updates, microsoft, etc. What's the best way to drop a rule in underneath this as the captive portal rule so that the whitelist rule still fires, since it's used by things such as servers that don't have a person sitting there to enter credentials - is source IP in the captive portal the only option here?
... View more