XG v18 captive portal appears after a few days with Match known users disabled

Question

Hello! Hoping someone has seen this before and has found a solution. 
 I am running XG firewall home version SFOS 18.0.4 MR-4 on a home network. I have a basic LAN to WAN firewall rule with #Standard LAN Policy applied to it and Match known users unchecked. After a few days, anywhere between 2 and 16 days but never immediately, devices start losing internet connectivity and displaying the captive portal. 
 Restarting the firewall acts as a workaround until the captive portal appears again after a number of days. The connectivity issues and captive portal appearing all begin at the same time for every device on the network when this happens and there doesn't seem to be a clear reason why it happens when it does. I have Match known users unchecked with the assumption that checking it enables this kind of behaviour, and unchecking it means that the captive portal is never displayed. Am I correct in assuming this? Any ideas why the captive portal is appearing and why the timing seems to be random?

Lewis Brand · Answer

An update regarding this: 
 Currently, disabling AD SSO and Radius SSO in the Local service ACL has stopped the users from being recognised during an AD login so one of these two is linked to the problem. A good workaround at the moment is to disable these and that solves the issue at the surface. 
 Interestingly, these options seem to work regardless of whether or not match users is enabled or disabled. Is this expected behaviour or a bug?

XG v18 captive portal appears after a few days with Match known users disabled

Top Replies