Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Maik1
Contributor

No Redirect to captive Portal

I am currently trying IA with Captive Portal. If I enter the captive portal manually, everything works. I can log in and get into the internet. But I do not get a redirect for https either for http. The browser shows me: Connection Timed out. I let Wireshark run, there is no answer. For my test client https inspection is active and for my layer application control is also active. Do you have an idea?

Appliance: 61K

Software Version: R80.20SP

Captive Portal.JPG

4 Replies
Maik1
Contributor

The picture as an attachment, so you can read it

_Val_
Admin
Admin

Do you have a rule allowing certain network to go to your captive portal URL? 
Parent rule 101 is matching certain fixed source and destination,

rule 101.1 only works when identity is acquired already, but I do not see any policy rule that allows that acquisition. All you will see here will be drops on rule 101.2

 

Maik1
Contributor

Hi _Val_,

thank you for the response. if I am not logged in, I see drops in Rule 101.2, so it looks like you are right. But how I do I build the rule for acquisition? I'm not sure, what you mean. For example in sk121074 they have the same rules. I thought, if I activate the "Enable Identiy Captive Portal" as an action, there will be the redirect.

_Val_
Admin
Admin

No, not the same rules. Any of the examples in the SK have ANY for Destination. You do not, your parent rule is very specific, and destination does not include FW itself. This is what I am trying to explain, redirection does not work, because your policy does not allow user to FW connectivity. 

0 Kudos