Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 27 subscribers
  • Views 18430 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Captive portal not working as I expect it to work.

Matt Kopf

I am a new user to this product, but I have worked with a couple of firewalls in the past. I am just trying to setup a simple XG to test out some basic rules.

Rule 1:

From LAN to WAN

everything else Any

Match Known users checked

Show captive portal to unknown users NOT checked

Open Group added.

No malware scanning

Advanced all defaults or NONE

Log Firewall Traffic.

 

Rule 2:

Drop ALL from any to any

Log Firewall Traffic.

 

There is no AD or RADIUS or anything. There is only a laptop connected to the LAN port and WAN is out to the internet.

When the laptop opens a browser it gets the captive portal. Why? The logic seems to be that I would have to check the show to unknown for it to appear.

  1. Rule 1
    1. Do I know this user?
      1. no
    2. Do I show the captive portal?
      1. no
    3. The rule does not apply. Goto next rule.
  2. Rule 2
    1. Drop all

 

I know that this is not terribly useful right now, but this is just a building block for the next rule that I need to add, but if this doesn't work as I expect it to I'm not sure where I would go next.



Edited Tags
[edited by: Erick Jan at 12:53 AM (GMT -7) on 16 Sep 2022]
Parents
  • 0

    Matt,

    The first is never matched because you are not authenticated in some way. For example you can install Sophos authentication agent on that computer, insert username and password and your first rule will be matched. Otherwise check show captive portal to unknown users and you will use captive portal as authenticator. Everything is working as expected!

    Regards

  • 0 in reply to lferrara

    Thank you for taking the time to answer my post, but I guess I just was not clear enough as to what I was seeing and what I was expecting.

    So the firewall is suppose to show the captive portal even if I don't check the show captive portal box? I expected Rule 1 to fail, and I expected it to fall to rule 2. It did NOT do that it showed me the captive portal when the box was NOT checked. Is that the expected action? 

     

  • 0 in reply to Matt Kopf

    Matt,

    the first rule is not matched so the second rule is checked and it matches in this case. All traffic is blocked.

    What is your goal?

    XG is behaving as it should be!

  • +1 in reply to Matt Kopf

    Most probably your global authentication settings are set to Prompt Unauthenticated users to login. To disable that option go to Configure -> Authentication -> Services.

    At the very bottom of that page you will see "Web Policy Actions for Unauthenticated Users (Captive Portal)". The first option would ask whether you want to Prompt unauthenticated users to login or not. Select No and hit Apply and most probably you will be able to get what you want.

     

  • 0 in reply to lferrara

    My goal was for the traffic blocked and NOT have it display the captive portal. It IS displaying the captive portal. Even though I have told it NOT to do that. I was expecting the traffic to be blocked completely.  

    You keep saying that it is behaving as it should be, but it seems like I am not explaining what it actually is doing. 

    It's gotta be me right?

  • 0 in reply to Muhammad Osama

    This worked! 

    I had to change it to NO and then uncheck the Captive portal to https.

     

    It now works as expected.

     

    Thank you!!!

Reply Children