09-06-2024 02:26 AM
Hi,
I've updated my XIQ-SE + ExtremeControl to latest version
and I'm trying How to Implement Microsoft Entra ID Registration with OpenID
I've configured Captive Portal for Entra ID registration and the test is successful
I've added the nac rule:
But on the client, when press the Button "Sign in with Microsoft" nothing happen (network login and Register as Guest works instead).
How can I debug what's the problem?
09-10-2024 12:17 PM
Hi Antonio.
I did not test the Entra ID with PBR.
Regarding troubleshooting/debugging, I suggest opening a GTAC ticket.
09-09-2024 08:03 AM
Hi Zdenek,
when I press the "SIgn in with Microsoft" button, in my wireshark session on the client, I don't see DNS request for any microsoft websites, seems that there is no redirection to the login page of microsoft and I don't see client connections to microsoft website at all.
In my configuration for the redirection I use the "Proxy DNS" method because my lab router (pfsense) seems not works with PBR.
09-07-2024 01:18 AM
Hi Ryan and Zdenek,
I've added login.microsftonline.com to the allowed URL and domain in the network settings and allowed web of the captive portal
but when I click on the Microsoft login button the redirection to microsoft site doesn't happen.
If in the web client browser I try to go to https://login.microsoftonline.com I've a redirect page but empty:
Probally I don't put the Allowed web site in the correct format ....How debug more deep the problem?
09-06-2024 10:19 AM
both the Access Control Engine and the client must have access to the Microsoft
09-06-2024 05:52 AM
Hello,
Are you allowing client traffic out to Microsoft through the walled garden on the policy on the controller or switch?
The button should redirect the client out to login.microsoftonline.com, if the client has access to this resource blocked.
Thanks
-Ryan