
Captive portal and MITM

Hi,

Just hit a snag with my BYOD network. When a user connects to the guest VLAN and hits the Captive Portal I want them to install the Sophos certificate for HTTPS inspection. I've created a little webpage with some instructions on how to install the cert and a link to download the cert which I've attached to the webpage.

Problem is they can't get to the cert till they authenticate, which, after they authenticate, takes them to the webpage, so they can't get back to the portal page with the cert link on it. Does that make sense?

Not sure why they can browse to the webpage but not download the cert, which is on the same website.

Am I missing something very easy?

  • Or can you maybe step by step this out some more.

  • I haven't created a policy blocking the cert (tried .crt and .cer files) and I can't see one listed.

    The user connects to the wireless guest wifi (VLAN 50) network and is asked to sign on. They get redirected to a website I created (on VLAN 1).

    The webpage has a simple a href to the cert on that webpage.

    If you click it, nothing happens; if you log in and then go back to the webpage you are allowed access to the cert. When you click it, the cert gets downloaded.

    The firewall link between VLAN 50 and 1 only has HTTP and HTTPS allowed... this shouldn't be an issue, should it?

    It would be easier if the cert stayed on the Sophos box and I could just link directly to it.

  • Installing the HTTPS certificate to scan their BYOD HTTPS traffic seems highly inappropriate, to be honest.

    Most likely you are trying to sniff everything in the network from your guest users, and I would immediately disconnect from your network if my device alerted me (Sophos Mobile detects such attacks).

    Are you even allowed to do such "attacks" by law in your country? In Germany, you could easily be sued for this.

  • We are a school where the users sign an agreement that when they connect to the network they abide by the acceptable usage policy.
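Before assuming a policy is blocking the file, it helps to see exactly what a guest-VLAN client gets back when it requests the certificate link before and after signing on: a 302 to the portal, a portal HTML page served in place of the file, or the certificate itself. The script below is an added example for the situation described in the thread above, not code from the original posts or from Sophos. The portal hostname, the sample responses and the DER stand-in are constructed for illustration, and `fetch()` is the only part that talks to the network; everything else runs offline.

```python
"""
Classify what a guest-VLAN client receives when it follows the CA
certificate link on a captive-portal landing page.

Added example, not from the original thread or from Sophos. The portal
host, URLs and sample responses are constructed.
"""
import base64
import re
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Dict

PORTAL_HOST = "portal.example.internal"   # assumption: hotspot/portal hostname
PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S
)
CERT_TYPES = ("application/x-x509-ca-cert", "application/pkix-cert",
              "application/pkcs7-mime", "application/octet-stream")


@dataclass
class Response:
    status: int
    headers: Dict[str, str]
    body: bytes


def looks_like_der_cert(data: bytes) -> bool:
    """Structural check only: a DER certificate is an outer SEQUENCE whose
    length covers the whole body, and whose first element (tbsCertificate)
    is itself a SEQUENCE. This does not parse or validate the certificate."""
    if len(data) < 4 or data[0] != 0x30:
        return False
    first = data[1]
    if first & 0x80 == 0:                       # short-form length
        hdr, length = 2, first
    else:                                       # long-form length
        n = first & 0x7F
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False
        hdr, length = 2 + n, int.from_bytes(data[2:2 + n], "big")
    return len(data) == hdr + length and data[hdr] == 0x30


def classify(resp: Response, portal_host: str = PORTAL_HOST) -> str:
    """Say whether the response is the certificate, a portal intercept,
    or something else. Header names are compared case-insensitively."""
    h = {k.lower(): v for k, v in resp.headers.items()}
    if resp.status in (301, 302, 303, 307, 308):
        target = h.get("location", "")
        if portal_host in target:
            return "intercepted: redirected to captive portal"
        return f"redirected elsewhere: {target}"
    if resp.status != 200:
        return f"blocked or failed: HTTP {resp.status}"
    body = resp.body
    pem = PEM_RE.search(body)
    if pem:
        der = base64.b64decode(pem.group(1))
        return "certificate (PEM)" if looks_like_der_cert(der) else "malformed PEM"
    if looks_like_der_cert(body):
        return "certificate (DER)"
    if b"<html" in body[:2048].lower():
        return "intercepted: portal HTML served instead of the certificate"
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype in CERT_TYPES:
        return "certificate MIME type but body is not a certificate"
    return f"unexpected content ({ctype or 'no content-type'})"


def fetch(url: str, timeout: float = 5.0) -> Response:
    """Live fetch that does not follow redirects, so a portal 302 stays
    visible. Run from a guest-VLAN client before and after signing on."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, *args, **kwargs):
            return None
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as r:
            return Response(r.status, dict(r.headers.items()), r.read())
    except urllib.error.HTTPError as e:
        return Response(e.code, dict(e.headers.items()), e.read())


# Constructed stand-in with the outer/inner SEQUENCE layout of a DER
# certificate; it is NOT a real certificate.
DER_STUB = b"\x30\x82\x00\x06\x30\x04\x01\x02\x03\x04"
PEM_STUB = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(DER_STUB)
            + b"-----END CERTIFICATE-----\n")

# Constructed responses covering the cases a client might see.
SAMPLES = {
    "before sign-on, redirect": Response(
        302, {"Location": f"https://{PORTAL_HOST}/hotspot/login"}, b""),
    "before sign-on, swapped": Response(
        200, {"Content-Type": "text/html"}, b"<html><body>Sign on</body></html>"),
    "after sign-on, DER": Response(
        200, {"Content-Type": "application/x-x509-ca-cert"}, DER_STUB),
    "after sign-on, PEM": Response(
        200, {"Content-Type": "text/plain"}, PEM_STUB),
}


def diagnose(samples: Dict[str, Response] = SAMPLES) -> Dict[str, str]:
    return {name: classify(resp) for name, resp in samples.items()}


if __name__ == "__main__":
    for name, verdict in diagnose().items():
        print(f"{name:26s} -> {verdict}")
    # Live use from a guest client, e.g.:
    # print(classify(fetch("http://webserver.example.internal/ca.crt")))
```

If the pre-sign-on request comes back as a 302 to the portal or as portal HTML, the hotspot is intercepting that request and the cert host or path needs to be in the portal's allowed list; if it comes back with the certificate bytes but a `text/html` or missing Content-Type, the download fails in the browser, not the firewall.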