Using Facebook for NAC Login
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-14-2018 09:04 PM
Hi Guys,
Resuming this conversation, I'm still in trouble..
I have a customer willing to enable social media authentication with NAC (ExtremeWireless 10.41.02.0014 and NAC 8.1.1.4). His TOP priority is to enable Facebook login.
I've already configured Google and Microsoft logins and both work like a charm (using L7 rules B@AP topology), but Facebook still a mess.
The L7 rules allowing Facebook (default and the custom I've created) seems not to work.
Already tried using the HTTP NAC Portal, but when it jumps to Facebook I got the HSTS problem (when enabling HTTPS redirection) or no access (if I deny HTTPS after allow L7 rules).
The only way I found is to allow all HTTPS, but this is unacceptable for the customer.
Already tried to mess with "Allowed Sites" on NAC, but I had no luck.
I'm running out of ideas (and time)... Anyone have any idea?
Thanks!
-Leo Note: This conversation was created from a reply on: Facebook login on NAC.
Resuming this conversation, I'm still in trouble..
I have a customer willing to enable social media authentication with NAC (ExtremeWireless 10.41.02.0014 and NAC 8.1.1.4). His TOP priority is to enable Facebook login.
I've already configured Google and Microsoft logins and both work like a charm (using L7 rules B@AP topology), but Facebook still a mess.
The L7 rules allowing Facebook (default and the custom I've created) seems not to work.
Already tried using the HTTP NAC Portal, but when it jumps to Facebook I got the HSTS problem (when enabling HTTPS redirection) or no access (if I deny HTTPS after allow L7 rules).
The only way I found is to allow all HTTPS, but this is unacceptable for the customer.
Already tried to mess with "Allowed Sites" on NAC, but I had no luck.
I'm running out of ideas (and time)... Anyone have any idea?
Thanks!
-Leo Note: This conversation was created from a reply on: Facebook login on NAC.
10 REPLIES 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-16-2018 07:10 PM
Leo, what AP model is used in the deployment ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-16-2018 06:50 PM
Hi Leo,
I spoke with the developer who is in charge of the guest registration functionality and he is now looking into it. Let me know if you have any other questions or if you uncover any additional clues.
Thanks again!
John
I spoke with the developer who is in charge of the guest registration functionality and he is now looking into it. Let me know if you have any other questions or if you uncover any additional clues.
Thanks again!
John
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-16-2018 06:50 PM
As far as I unterstand that is a issue with the AP L7 rule and has nothing to do with EMC/Control so someone from the IdentiFi team need to look into it.
Here another post that looks like the same issue....
https://community.extremenetworks.com/extreme/topics/l7-role-versio-10-21-01
Here another post that looks like the same issue....
https://community.extremenetworks.com/extreme/topics/l7-role-versio-10-21-01
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-15-2018 06:51 PM
Hi guys,
I was working on some tests, and I found that, by some odd reason, the L7 hostname rule for facebook.com seems to be really ignored by AP (creating other similar rules works fine).
It looks like the facebook.com is getting redirected instead of allowed...
Any ideas?
I was working on some tests, and I found that, by some odd reason, the L7 hostname rule for facebook.com seems to be really ignored by AP (creating other similar rules works fine).
It looks like the facebook.com is getting redirected instead of allowed...
Any ideas?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-15-2018 02:56 PM
Hi John,
I've already tried this config... Both L7 hostname rule on wireless controller (and creating the DNS proxy domains as L7 rules) or Allowed Domains at NAC and I got the same results.
As I said, Google and MS works perfectly, but it seems that the Controller L7 rules for Facebook (hostname facebook.com) aren't working, and it still trying to redirect (it doesn't happen with the google or MS rules).
Maybe a Controller issue? There's any way to debug it (seeing what got "allowed" and what hits the botton Redirect rule)?
Thanks!
-Leo
I've already tried this config... Both L7 hostname rule on wireless controller (and creating the DNS proxy domains as L7 rules) or Allowed Domains at NAC and I got the same results.
As I said, Google and MS works perfectly, but it seems that the Controller L7 rules for Facebook (hostname facebook.com) aren't working, and it still trying to redirect (it doesn't happen with the google or MS rules).
Maybe a Controller issue? There's any way to debug it (seeing what got "allowed" and what hits the botton Redirect rule)?
Thanks!
-Leo
