Dear Community
Upon booting up my company CentOS 8 Stream laptop, all network and internet access is blocked until a successful connection to the company VPN server is established. This is achieved using the appropriate firewall rules and is put in place to ensure all traffic inbound and outbound from the laptop can be effectively monitored from a security perspective when the VPN session is established. This works well until we have to use a captive portal (e.g. cafe, hotel, etc.). Since we can't drop the firewall rules to grant access to the Wi-Fi offering the captive portal, we can never accept its conditions and hence can't fire up a VPN connection.
My question is how can we grant users access to the captive portal wifi to accept its terms and conditions but at the same time not allow them full internet/network access until the VPN session is established? Are there any options from a firewall perspective which will allow only captive portal access? Any ideas welcome.
Note I have seen Pulse Secure do this on Windows but the literature I have read doesn't explain how they do this.
Advice appreciated.
Thanks
Big Dog
VPN and CaptivePortal
Re: VPN and CaptivePortal
Your captive portal is probably inside a 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 network.
Then you can accept intranet connections without compromising your whole security policy.
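One way the suggestion in the reply above could look as an nftables ruleset (an added example, not part of the original thread). It assumes nftables is the firewall in use; the interface names `wlan0` and `tun0`, the VPN server address `203.0.113.10` and the port `udp/1194` are placeholders to replace with your own values.

```nftables
#!/usr/sbin/nft -f
# Constructed example: pre-VPN lockdown that still allows a captive
# portal hosted on a private (RFC 1918) network to be reached.
# Placeholders (assumptions): wlan0, tun0, 203.0.113.10, udp/1194.

table inet prevpn {
    set rfc1918 {
        type ipv4_addr
        flags interval
        elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }
    }

    chain output {
        type filter hook output priority 0; policy drop;

        oifname "lo" accept
        ct state established,related accept

        # DHCP, so the laptop can obtain a lease on the guest Wi-Fi
        oifname "wlan0" udp sport 68 udp dport 67 accept

        # Private ranges only: local gateway, local DNS, portal page
        oifname "wlan0" ip daddr @rfc1918 accept

        # The VPN server itself, so the tunnel can be brought up
        oifname "wlan0" ip daddr 203.0.113.10 udp dport 1194 accept

        # Everything else leaves through the tunnel once it exists
        oifname "tun0" accept
    }

    chain input {
        type filter hook input priority 0; policy drop;

        iifname "lo" accept
        ct state established,related accept

        # DHCP replies from the local network
        iifname "wlan0" udp sport 67 udp dport 68 accept

        iifname "tun0" accept
    }
}
```

This only helps when the portal's login page and DNS resolver sit on private addresses, as the reply assumes; a portal that redirects to a public hostname stays blocked. Outbound traffic to other hosts on the local private network is also permitted outside the VPN, while unsolicited inbound traffic from that network is still dropped.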