Captive portal and HTTPS requests

I have the same issue.

We can't ask guest to install XG cert.

Any suggestion on HTTPS redirect to captive portal?

Hi All,

The certificate error is caused as HTTPS scanning is enabled in the FW rule to forward the hotspot client traffic to internet. Disable the HTTPS scan from the FW rule if certificates cannot be imported.

There is a HTTPS redirect option available in the diagonostics> authentication> authentication service> captive portal > redirect HTTPS. Enable this option to redirect HTTPS connections securely to captive portal.

Thanks

No! You give me the wrong issue.

I didn't enable HTTPS scan in all my rules.

We are talking about Captive Portal for users to identify.

Guests got certification error when they open the https website, and failed to redirect to Captive Portal.

But open http website can redirect to Captive Portal well.

HTTPS scan is not the issue!

Sachin,

What Shunze is saying is correct. Same thing for me!

Hello Luk

I was able to recreate this and getting the same behaviour. I was not able to get around this without trusting the appliance certificate. 

The only other workaround I could figure out at the moment was using hotspot, I read earlier in the post that this is a hotspot, so if hotspot and password of the day, or vouchers are enabled, the hotspot captive portal is shown instantly (HTTP and HTTPS). 

Hope it helps.

Varun,

Thanks for your response. Can you track it internally and give us a response ? I am not using hotspot (only have 3 customers do it).

This should work out of the box.

Thanks

HI lferrara, 

Its seems to be an  issue  when redirected to Captive portal page as the certificate is would not be trusted by the system at the start . So This occurrence are known to us ,  Could you all check if the issue is with Mozilla or also in Chrome and Internet explorer. If you have a service request opened in the past for the same issue kindly private message me with the link to this thread as a reference . 

Thanks and Regards

Aditya Patel 

Aditya,

I Tried to access https://facebook.com and what I have seen from the test:

• Firefox 49.0.2 on MAC: HSTS error and you cannot continue
• Safari: works
• Firefox 48.0.2 on Windows: works
• Internet Explorer 11: works
• Google Chrome 54.0.2840.71 on Windows: HSTS error and you cannot continue

Disabling HSTS did not help.

A feature request for this does not exist. On old Astaro.org bug like this were tracked as Mantis and then on community we knew the status (under investigation, fixed into version....).

We can use feature request, but for things that are not working, we need a feedback from you Guys in order to know the status.

Same thing for the Captive Portal (v16) where the network authentication page now is a link. It was working with v15.

If you want that we use feature request, please make sure to change the status on ideas.sophos.com, if you are evaluating them, if the feature will come into next release, build, etc..It is odd that only 5 feature request are under investigation at the moment!

Please provide a way to get people on community informed. Information are spread aroud and this is not a good feedback for community users.This is an example of how tracking bugs was easy and professional:

https://community.sophos.com/products/unified-threat-management/astaroorg/f/utm-9-2-beta/65664/9-200-bug-changes-to-ips-options/250355#250355

Please make sure to use the same Philosophy.

We are more than happy to be here and help you but we need feedback from you. There are many unresolved threads under v16 beta issues/bugs and we do know if they are fixed, will be fixed or...

Sorry if I have added this comment but I am here on the community everyday and I see that finding information or tracking bugs is not easy at all.

Hope that you and Bianson could improve the information and give us more feedback on know issues and their status and not only workaround.

Thanks

Aditya,

I Tried to access https://facebook.com and what I have seen from the test:

• Firefox 49.0.2 on MAC: HSTS error and you cannot continue
• Safari: works
• Firefox 48.0.2 on Windows: works
• Internet Explorer 11: works
• Google Chrome 54.0.2840.71 on Windows: HSTS error and you cannot continue

Disabling HSTS did not help.

A feature request for this does not exist. On old Astaro.org bug like this were tracked as Mantis and then on community we knew the status (under investigation, fixed into version....).

We can use feature request, but for things that are not working, we need a feedback from you Guys in order to know the status.

Same thing for the Captive Portal (v16) where the network authentication page now is a link. It was working with v15.

If you want that we use feature request, please make sure to change the status on ideas.sophos.com, if you are evaluating them, if the feature will come into next release, build, etc..It is odd that only 5 feature request are under investigation at the moment!

Please provide a way to get people on community informed. Information are spread aroud and this is not a good feedback for community users.This is an example of how tracking bugs was easy and professional:

https://community.sophos.com/products/unified-threat-management/astaroorg/f/utm-9-2-beta/65664/9-200-bug-changes-to-ips-options/250355#250355

Please make sure to use the same Philosophy.

We are more than happy to be here and help you but we need feedback from you. There are many unresolved threads under v16 beta issues/bugs and we do know if they are fixed, will be fixed or...

Sorry if I have added this comment but I am here on the community everyday and I see that finding information or tracking bugs is not easy at all.

Hope that you and Bianson could improve the information and give us more feedback on know issues and their status and not only workaround.

Thanks