cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
767
Views
0
Helpful
2
Replies

Sourcefire Captive portal

Robert Nethken
Level 1
Level 1

Hello,

I'm deploying sourcefire to my domain. I just brought it out of monitor only mode. I had a handful of acl's which delt with social media sites etc within sourcefire. I was expecting it to hit the captive portal, but nothing ever comes up.

I have followed the requirements, I have a routed deployment, I put a "trust" acl into sourcefire for all traffic sourced from private networks to the port I configured the captive portal on.

I configured the captive portal port on both the ASA and within the firepower management center. I set my identity policys to ONLY include active authentication... and for testing configured it explicitly as Http basic authentication. I am never greeted with a prompt.

I'm currently testing the functionality with an http site vs something like facebook using https.

Does anyone have any insight into what could be the issue here?

is there any way to explicity hit the captive portal to verify its even functioning?

2 Replies 2

yogdhanu
Cisco Employee
Cisco Employee

Hi

You can verify config referring to this article.

https://www.cisco.com/c/en/us/support/docs/security/asa-firepower-services/200329-Configure-Active-Directory-Integration-w.html

Apart from that if you have a rule with "trust" action , I would suggest to make it allow.

Is  the traffic coming to captive portal tagged ? If it is then , I would suggest to upgrade to 6.0.1 as there is a known issue with tagged traffic with captive portal.

Thanks

Yogesh

I did infact follow that very guide. I have changed my ACL within sourcefire to "allow" instead of "trust" now. There is still no prompt for active authentication.

I will look into getting this upgraded to 6.0.1

I will leave feedback once that is done, any other things I can do to check in the meantime are appreciated!

Review Cisco Networking for a $25 gift card