Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Captive portal on branch site with RED on standard/split setup - update

We have a community post 5 years ago regarding Captive portal on branch site with RED on standard/split setup.

The answer was that is not possible because, in Standard/Split implementation, the internet traffic is routed directly from the RED to the internet. Which means XG is not intercepting this traffic at all and hence it is impossible to imply authentication via XG to such traffic. 


User-----RED-------RED Tunnel-----SFOS-----Resources

 Captive portal on branch site with RED on standard/split setup 


I wanted to understand if this answer is still valid or we have any way to configure Captive portal for the users behind RED

Edited TAGs
[edited by: Erick Jan at 8:27 AM (GMT -7) on 27 Mar 2024]
Parents Reply
  • So, here users are behind RED (BR) and they are connecting to SFOS XGS (HQ) through RED tunnel. They have allowed few traffic as a split network to enter the tunnel. Rest of the internet traffic will be connected directly as you mentioned. However the configured Tunnel traffic will eventually reach to XGS of HQ site.

    Now we wanted to impose a captive portal for the tunnel traffic. So that users behind RED sends the traffic to Firewall through RED, and it gets authenticated first.