History for Captive Portal

Feature

Minimum Management CenterManagement Center

Minimum Threat Defense

Details

Authentication using a realm or realm sequence.

20240514

7.4.1

You can configure active authentication for either an LDAP realm; or a Microsoft Active Directory realm or a realm sequence. In addition, you can configure a passive authentication rule to fall back to active authentication using either a realm or a realm sequence. You can optionally share sessions between managed devices that share the same identity policy in access control rules.

In addition, you have the option to require users to authenticate again when they access the system using a different managed device than they accessed previously.

Microsoft Azure Active Directory cannot be used with captive portal.

New/modified screens:

  • Policies > Identity > (edit policy) > Active Authentication > Share active authentication sessions across firewalls

  • Identity policy > (edit) > Add Rule > Passive Authentication > Realms & Settings > Use active authentication if passive or VPN identity cannot be established

  • Identity policy > (edit) > Add Rule > Active Authentication > Realms & Settings > Use active authentication if passive or VPN identity cannot be established

Share active authentication sessions across firewalls.

7.4.1

MMMM DD, 2023

7.4.1

Determines whether or not users are required to authenticate when their authentication session is sent to a different managed device than one they previously connected to. If your organization requires users to authenticate every time they change locations or sites, you should disable this option.

  • (Default.) Enable to allow users to authenticate with any managed device associated with the active authentication identity rule.

  • Disable to require the user to authenticate with a different managed device, even if they have already authenticated with another managed device to which the active authentication rule is deployed.

New/modified screens: Policies > Identity > (edit policy) > Active Authentication > Share active authentication sessions across firewalls

Hostname redirect.

Any

7.1.0 with Snort 3

You can use a network object that contains the fully-qualified host name (FQDN) of the interface that captive portal can use for active authentication requests.

Guest login.

Any

6.1.0

Users can log in as guest using captive portal.

Captive portal.

Any

6.0.0

Feature introduced. You can use the captive portal to require users to enter their credentials when prompted in a browser window. The mapping also allows policies to be based on a user or group of users.