VPN and CaptivePortal

Support for security such as Firewalls and securing linux
BigDog
Posts: 15
Joined: 2019/01/24 03:18:57

VPN and CaptivePortal

Post by BigDog » 2021/05/22 07:47:33

Dear Community

Upon booting up my company CentOS 8 Stream laptop, all network and internet access is blocked until a successful connection to the company VPN server is established. This is achieved using the appropriate firewall rules and is put in place to ensure all traffic inbound and outbound from the laptop can be effectively monitored from a security perspective when the VPN session is established. This works well until we have to use a captive portal (e.g. cafe, hotel etc.). Since we can't drop the firewall rules to grant access to the Wi-Fi offering the captive portal, we can never accept its conditions and hence can't fire up a VPN connection.

My question is: how can we grant users access to the captive portal Wi-Fi to accept its terms and conditions but at the same time not allow them full internet/network access until the VPN session is established? Are there any options from a firewall perspective which will allow only captive portal access? Any ideas welcome.

Note I have seen Pulse Secure do this on Windows but the literature I have read doesn't explain how they do this.

Advice appreciated.

Thanks

Big Dog

BShT
Posts: 584
Joined: 2019/10/09 12:31:40

Re: VPN and CaptivePortal

Post by BShT » 2021/05/26 20:21:27

Your captive portal is probably inside a 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 network.

Then you can accept intranet connections without compromising your whole security policy.
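
The approach suggested in the reply above, as an added example that is not part of the original thread: a shell function that emits an nftables ruleset for the pre-VPN state, allowing only loopback, DHCP, the VPN endpoint and RFC 1918 destinations on the Wi-Fi interface. The table name `prevpn`, the interface names, the VPN address (a documentation-range placeholder) and the port are assumptions.

```shell
# Added example: nftables ruleset for the pre-VPN state (all names are assumptions).
# Usage: prevpn_ruleset WIFI_IF VPN_IF VPN_IP VPN_PROTO VPN_PORT
# Load as root: prevpn_ruleset wlan0 tun0 203.0.113.10 udp 1194 | nft -f -
prevpn_ruleset() {
    wifi_if=$1; vpn_if=$2; vpn_ip=$3; vpn_proto=$4; vpn_port=$5

    # Coarse input checks: refuse to emit a ruleset from malformed values.
    for ifn in "$wifi_if" "$vpn_if"; do
        case $ifn in ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 1 ;; esac
    done
    case $vpn_ip in ''|*[!0-9.]*) echo "bad IPv4 address" >&2; return 1 ;; esac
    case $vpn_proto in udp|tcp) ;; *) echo "bad protocol" >&2; return 1 ;; esac
    case $vpn_port in ''|*[!0-9]*) echo "bad port" >&2; return 1 ;; esac

    cat <<EOF
table inet prevpn {
    set rfc1918 {
        type ipv4_addr
        flags interval
        elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }
    }
    chain output {
        # policy drop covers IPv4 and IPv6 (inet family)
        type filter hook output priority 0; policy drop;
        oifname "lo" accept
        # everything is allowed once it goes through the tunnel
        oifname "$vpn_if" accept
        # the VPN handshake itself must reach the public endpoint
        ip daddr $vpn_ip $vpn_proto dport $vpn_port accept
        # DHCP lease on the guest network
        oifname "$wifi_if" udp sport 68 udp dport 67 accept
        # portal page and local DNS, only if they live on private addresses
        oifname "$wifi_if" ip daddr @rfc1918 accept
    }
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        iifname "$vpn_if" accept
        iifname "$wifi_if" udp sport 67 udp dport 68 accept
        ct state established,related accept
    }
}
EOF
}
```

This only works when the portal page and the DHCP-supplied DNS server sit on private addresses; a portal hosted on a public IP stays blocked. The private-range rule also permits traffic to other hosts on the guest network, so it can be narrowed to DNS and HTTP/HTTPS ports if that exposure matters.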
