Hello all,
Our packet fence deployment is https. Not sure how rare that is but I’m seeing
the following issue with clients getting redirected to PF from Aruba:
When a user connects to guest wireless:
1) If he/she goes somewhere HTTP -> everything is perfect. Redirects to packet
fence, gets a green lock, we’re golden.
2) If he/she goes somewhere HTTPS, two things could happen:
- sites that use HSTS like google and reddit, browser will tell you you can’t
go there and doesn’t even have an option to bypass.
- sites that don’t use HSTS like chase for example, browser will warn
you with a cert error it expected chase.com but got packet fence and you can
skip the error and move on to packet fence.
Aruba has told me to make PF port 80 or deal with it as this is an industry
problem with the certs, which makes sense. I was just curious are all of you
(in this scenario) just dealing with the potential of tickets/ yelling from
users who had no idea they have to go to an HTTP site to be redirected
properly? Being at a university, I fear we will get a lot of tickets,
especially since google.com will simply fail and not let you through.
Thanks!
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
