Page 1 of 2 12 LastLast
Results 1 to 10 of 15
  1. #1
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default Untangle 10 Captive Portal Allowing Android Devices Through?

    Since upgrading to Untangle 10, the Captive Portal appears to be letting Android devices through without being redirected to the log in page or being blocked if they did not log in. We have reviewed the configuration and everything else appears correct, any ideas on why this is happening?

  2. #2
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605

    Default

    are you running https inspector?

    any other details of your setup you can offer might be helpful.
    If you think I got Grumpy

  3. #3
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    HTTPS Inspector is not enabled, we briefly turned it on and then had issues probably because it was not configured.

    We are running the Captive Portal, everything should be using the Local Directory for logins before being able to get online.

  4. #4
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,605

    Default

    I think that you will find that nothing will be redirected if the first web page that is tried is https:// - which means www.google.com, anyway.

    I don't know about not being blocked, though?

    I would see about getting https inspector configured. With a paid subscription, definitely contact support (green button on right of your screen).

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,038

    Default

    I think Untangle 10 has the ability to allow android and iOS devices through the portal independently. I don't have a 10 install up I can reference at this point but check your capture rules. There may be a default rule that's causing this.

    The redirection event to the CP page is problematic if the first page opened is https. However, modern android OS's detect the CP and deal with it gracefully. If they are going straight through the portal that either means the traffic is going into the wrong rack, and bypassing the CP, or the traffic isn't configured to be captured. If it was captured and the redirect failed, all network functionality that's not explicitly bypassed will fail to work until the device is authenticated.
    Jim.Alles likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

  7. #7
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    Captive Portal enabled, Captive Page set with Basic Login and no session redirect... screen captures of Capture Rules and User Authentication above. HTTPS Inspector is not enabled.

  8. #8
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Use the "Rule Event Log" to see what traffic is being captured vs passed and why.

    Or just call support and they'll take a look.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  9. #9
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    We are seeing traffic being passed without a username, both within the Webfilter and other locations like the Firewall.

  10. #10
    Master Untangler
    Join Date
    Dec 2008
    Location
    Greater Omaha Area
    Posts
    253

    Default

    Everything in the Captive Portal Rule Event Log shows as blocked, including the IP Address in question ... there is no login for that IP Address but there is inappropriate web traffic showing in the Web Filter from the same IP Address around the same time without any username and the traffic appears to be allowed through to the internet which the Captive Portal should be blocking?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2