Palo Alto

Palo Alto Captive Portal

Well let me tell you what happen this week
I saw one of our work mate login in his private Laptop to internet and download is so high and his user don’t show in the monitor page.

So there is a feature available in hotel and Internet Cafe and its a great feature to control who is going and coming and sometimes to which website
This Feature Called Captive portal

let me guide you in the configuration
the requirement 1, 2 & 3 available in earlier blog you can click in each component and it direct you to the page
1-LDAP
2-Authentication Profile
3-Certificate
4-Certificate Profile
5-Enable Captive Portal
6-Captive portal policies

So start from Step 4 to create a certificate profile
Go to Device – Certificate Management – Certificate profile – +
Choose Name and Select the User Domain
then under the CA Certificate Add your Cert that Created in Earlier Blog
50

60

1
Then Go to Device – User Identification – Captive Portal Settings – Edit
Make Sure to check Enable Captive Portal
Choose the Authentication Profile That we Created in the Earlier Blog
and Choose Mode Redirect
and in the Filed of Redirect Host put our LAN IP 192.168.250.250 so all traffic forward to that IP2
Now Lets Create a Captive Rule
Go to Policies – Captive Portal – +
Choose a Name
3
Then Select the Source as Inside4
Select your Destination as the Outside WAN5
After that select Your Service as HTTP and HTTPS also you can add a URL Category if you want to strict the Captive Portal to specific web sites
6
Choose the Action web-form 7
Last thing go to the Management Profile and make Sure you check the Response Pages so the user would be able to receive it
Got o Network – Network Profiles – Interface Mgmt – edit my Profile which i created in an Earlier Blog
8
Now lets go to the user PC and Open a browser to google Web Site
as you can see it direct me to 192.168.250.250 in URL
Click on Continue to this website (not recommended)
10
It will ask you for your Username and Password
I will put my LDAP Authentication Username and password20
Now it Login me30
and Walla im there40

 

Note: in the newer version of Palo Alto Captive Portal Policy is Called: Authentication Policy and Web-form is changed to : default-web-form

;D

Standard

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s