cancel
Showing results for 
Search instead for 
Did you mean: 

Using Facebook for NAC Login

LeoP1
Contributor
Hi Guys,

Resuming this conversation, I'm still in trouble..

I have a customer willing to enable social media authentication with NAC (ExtremeWireless 10.41.02.0014 and NAC 8.1.1.4). His TOP priority is to enable Facebook login.

I've already configured Google and Microsoft logins and both work like a charm (using L7 rules B@AP topology), but Facebook still a mess.

The L7 rules allowing Facebook (default and the custom I've created) seems not to work.

Already tried using the HTTP NAC Portal, but when it jumps to Facebook I got the HSTS problem (when enabling HTTPS redirection) or no access (if I deny HTTPS after allow L7 rules).

The only way I found is to allow all HTTPS, but this is unacceptable for the customer.

Already tried to mess with "Allowed Sites" on NAC, but I had no luck.

I'm running out of ideas (and time)... Anyone have any idea?

Thanks!

-Leo Note: This conversation was created from a reply on: Facebook login on NAC.
10 REPLIES 10

LeoP1
Contributor
Hi Ronald,

I completely agree with you... It's an IdentiFi issue and not EMC/NAC problem.

I'm testing with a B@AP tagged topology (upgraded to the latest version today just to make sure) and 3805i and 3825i APs.

Best regards,

-Leo

Hi Leonardo

I think it would be best if you open a case with GTAC, could you please take a packet capture on the client so we can take a look at the HTTP traffic?

-Gareth

Sure!

Follows some screenshots. The Auth role works fine.

Please, forgive some additional L7 hostname rules I added just to try to make it work (after some sniffing), but without success.

Best regards,
-Leo

57f808849fd64f988a46f6cb070815cb_RackMultipart20180216-54806-d497of-UnAuth-1_inline.png


57f808849fd64f988a46f6cb070815cb_RackMultipart20180216-32766-1k0de4f-UnAuth-2_inline.png


57f808849fd64f988a46f6cb070815cb_RackMultipart20180216-54806-1922ln1-UnAuth-3_inline.png



57f808849fd64f988a46f6cb070815cb_RackMultipart20180216-9411-1s03f3y-Auth-1_inline.png


57f808849fd64f988a46f6cb070815cb_RackMultipart20180216-59389-vbcguz-Auth-2_inline.png

Ronald_Dvorak
Honored Contributor
Could you post a screenshot of the unauth and auth role rules.