The firewall will intercept any unknown user sessions that are using HTTP or HTTPS with an HTTP 302 redirect message. This 元 interface will be used for the Captive Portal redirect. A third physical interface should be configured with an IP and assigned to a zone outside the V-Wire. While captive portal is most commonly used in a Layer 3 routed environment, this document outlines the steps to configure a V-Wire topology with Captive Portal in redirect mode authenticating to a RADIUS server.Īs illustrated above, the network topology for this configuration requires two physical interfaces configured for the inbound and outbound V-Wire. Once identified, user-based policies can be applied to the user’s traffic. For user authentication, a local database can be used, RADIUS, Kerberos, or LDAP server. The portal is triggered based on the Captive Portal policies for http and/or https traffic only and is triggered only for the IP addresses without existing user-to-IP mapping. The Captive Portal is used to create a user-to-IP mappings on the Palo Alto Networks firewall.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |