Pre-Auth List issue with HTTPS domains on Omada Controller v5.15.20.16
Hi,
I'm facing a problem with the Pre-Authentication Access List on Omada SDN Controller (v5.15.20.16).
The whitelist works fine for some domains (e.g., btc2007[dot]com), but fails for others hosted behind certain CDN providers (like fedapay[dot]com).
What I did:
-
Whitelisted both domain names and IP addresses (using /32)
-
Added public DNS servers (8.8.8.8 and 1.1.1.1)
-
DNS resolution works
-
Access to btc2007[dot]com is successful before login
-
Access to fedapay-type domains is blocked or redirected to the captive portal
When testing with curl, I receive HTTP 530 errors. It seems the portal is not handling HTTPS requests correctly for some domains, maybe due to TLS/SNI or how Cloud-based protection works.
Looking for:
-
Confirmation if this is a known limitation or bug
-
A reliable method to allow such HTTPS domains in the Pre-Auth List
Thanks in advance!