Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16

Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16

Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16
Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16
Monday
Hardware Version: V20
Firmware Version: v5.15.20.16

Hi,
I'm facing a problem with the Pre-Authentication Access List on Omada SDN Controller (v5.15.20.16).

The whitelist works fine for some domains (e.g., btc2007[dot]com), but fails for others hosted behind certain CDN providers (like fedapay[dot]com).

What I did:

  • Whitelisted both domain names and IP addresses (using /32)

  • Added public DNS servers (8.8.8.8 and 1.1.1.1)

  • DNS resolution works

  • Access to btc2007[dot]com is successful before login

  • Access to fedapay-type domains is blocked or redirected to the captive portal

When testing with curl, I receive HTTP 530 errors. It seems the portal is not handling HTTPS requests correctly for some domains, maybe due to TLS/SNI or how Cloud-based protection works.

Looking for:

  • Confirmation if this is a known limitation or bug

  • A reliable method to allow such HTTPS domains in the Pre-Auth List

Thanks in advance!

  0      
  0      
#1
Options
1 Reply
Re:Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16
Tuesday

Hi  @fulgore 

 

To understand the issue better, could you please give us the following info:

1. a screenshot of the portal config page;

2. a screenshot of the Pre-Authentication Access List;

3. some screenshots when failed to access fedapay[dot]com;

4. a screenshots of the device list so we can know what SDN devices you are using.

  0  
  0  
#2
Options