Captive portal on branch site with RED on standard/split setup - update

Question

We have a community post 5 years ago regarding Captive portal on branch site with RED on standard/split setup. 
 The answer was that is not possible because, in Standard/Split implementation, the internet traffic is routed directly from the RED to the internet. Which means XG is not intercepting this traffic at all and hence it is impossible to imply authentication via XG to such traffic. 
 Setup: 
 User-----RED-------RED Tunnel-----SFOS-----Resources 
 
 Captive portal on branch site with RED on standard/split setup 
 
 I wanted to understand if this answer is still valid or we have any way to configure Captive portal for the users behind RED

Vivek Jagad · Accepted Answer

Hey Sagar Ghosh , You can refer the Captive portal basics , for the tunneled traffic you can not impose a captive portal, it would be feature request. I'd recommend you reach out to your Account Manager, Sales Engineer, or Sales Representative so that they can help you raise FR request into our system. You can also log a support case so that our support representative can help link that FR to the account. 
 Additionally , you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.

Vivek Jagad · Answer

Hi Sagar Ghosh ,

Thank you for reaching out to the community, the key advantage of using the standard/split is if you want to control the remote site, and have Sophos UTM control data flowing to and from the remote site to the central network. The key difference is that traffic to and from the public Internet passes through the RED to the Internet directly. And the drawback is that the remote site now has to maintain its own perimeter security, including web filtering. You also lose visibility into the remote site's public Internet usage as this is no longer logged or reported by Sophos firewall.

Captive portal on branch site with RED on standard/split setup - update

Top Replies