Is there a way to use the hostname for captive portal instead of IP?

Really, the subject says it all... is there a way to configure the HTTPS & HTTP proxies to redirect to a hostname instead of the IP address of the firewall?

Reason I ask is I'd really like to keep my certificates consistent.  We use an internal PKI, and so I have issued the XG a valid certificate based on our root cert.  Yes, I can go back and re-issue it with the IP address, but I would like for it to redirect, if possible, to the internal hostname instead.

Similar to overriding the hostname for the external SSL vpn... I want to do it on an internal-facing service.

If the answer is currently "not possible" - I would like to suggest this as a feature.

  • In reply to GaryChancellor:


    I tried this but it is not working for me. Still it is opening with IP Address instead of hostname.



  • The issue is still present on firmware16.05.2 MR-2 and affects access to mail quarantine and sandstorm files too.

  • Guys, I found a workaround for this. It's working for me.

    My box XG450 (SFOS 17.0.5 MR-5) 

    Navigate to

    1. Authentication > Services > Web Policy Actions for Unauthenticated Users (Captive Portal)
    2. Change "Login prompt method" to "Display a custom message"
    3. In the textbox enter below text
      <SCRIPT LANGUAGE="JavaScript">
      window.location = "";
    4. Click Apply


    That's it enjoy. Ensure you have a valid HTTPS certificate uploaded to the UTM. Above method is working for me.