Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 2649 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Captive portal on branch site with RED on standard/split setup - update

Sagar Ghosh

We have a community post 5 years ago regarding Captive portal on branch site with RED on standard/split setup.

The answer was that is not possible because, in Standard/Split implementation, the internet traffic is routed directly from the RED to the internet. Which means XG is not intercepting this traffic at all and hence it is impossible to imply authentication via XG to such traffic. 

Setup:

User-----RED-------RED Tunnel-----SFOS-----Resources

 Captive portal on branch site with RED on standard/split setup 

 

I wanted to understand if this answer is still valid or we have any way to configure Captive portal for the users behind RED



This thread was automatically locked due to age.
Parents
  • 0

    Hi  ,

    Thank you for reaching out to the community, the key advantage of using the standard/split is if you want to control the remote site, and have Sophos UTM control data flowing to and from the remote site to the central network. The key difference is that traffic to and from the public Internet passes through the RED to the Internet directly. And the drawback is  that the remote site now has to maintain its own perimeter security, including web filtering. You also lose visibility into the remote site's public Internet usage as this is no longer logged or reported by Sophos firewall.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0

    Hi  ,

    Thank you for reaching out to the community, the key advantage of using the standard/split is if you want to control the remote site, and have Sophos UTM control data flowing to and from the remote site to the central network. The key difference is that traffic to and from the public Internet passes through the RED to the Internet directly. And the drawback is  that the remote site now has to maintain its own perimeter security, including web filtering. You also lose visibility into the remote site's public Internet usage as this is no longer logged or reported by Sophos firewall.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Children
Unfiltered HTML