Palo Alto Networks Knowledgebase: Captive Portal for IPV6 Address

Captive Portal for IPV6 Address

1237
Created On 02/08/19 00:05 AM - Last Updated 02/08/19 00:05 AM
User-ID
Resolution

We can configure captive portal for websites that are using the IPV6 address. The configuration is similar to that of IPV4 address. Here in the topology: We have a web server abcd.com which has an IPV6 address.  Both the Palo Alto Networks firewall (PA) and the test system have IPV6 addresses configured.

 

Topology:

 

Captive_Portal_Topology.png

Please use the following steps to configure captive portal for an environment that has IPV6 addresses.

 

Step 1. Create a certificate. This certificate will be used by the firewall to give to the end user when they are trying to access websites.

 

CP_Certificates.png

 

 

 

Step 2. Create the server profile, name it ‘TrustIPV6,’ and call/refer to the certificate you created in Step 1, which was 'IPV6CaptivePortal.' See below.

CP_SSL_TLS Profile.png

 

 

Step 3. Authentication profile: This authentication profile will be user used to authenticate the users.

Authentication Profile.png

 

 

Step 4. Captive portal setting: Configure captive portal under Device > User Identification > Captive Portal. Specify the SSL/TLS service profile, authetication profile that we have created earlier. Specify the redirect host to which the web traffic will be redirected when the user tries to access the websites.

UserIdentification_CP.png

 

 

Step 5. Zone: Enable the user identification on the zone.

Zone.png

 

 

Step 6. Management profile: Create a management profile with response page enabled.

Mgmt Profile.png

 

 

Step 7. Interface: Call the management profile into the interface configuration.

CP_Interface.png

 

 

Step 8. Captive Portal rule: Create a captive portal rule for interesting traffic.

Captive_Portal.png

 

  • Enable decryption for https website.
  • Allow interesting traffic by security policies.

 

Output:

Output.png

 

 

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClftCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language