Hello, I read carefully topics here, but could not find working
solution. I have a FG-40F test unit, made a vlan on it (99) with pool
192.168.200.0/24 FG has 192.168.200.1 addressOn this vlan I set up
captive portal like this:If I set as excempt DNS ...
Hello, I faced a problem, that some time ago stopped working CoA
DisconnectionIf I do: echo "User-Name=Username,
Framed-IP-Address=10.0.0.X" | radclient -x name.fortidyndns.com:3799
disconnect SecretThe router receives packet on wan interface, i see ...
For now I got:1. Portal can have LE certificate:config firewall
auth-portalset portal-addr "fqdn"endconfig user settingset
auth-secure-http enableset auth-cert "LE"end2. Also logic of checking
connectivity by portal works a bit other way, so there sh...
The problem is solved.It was in test enviroinment. We have changed
password for client (client.conf):client 192.168.1.20 {ipaddr =
192.168.1.20secret = testing123coa_server = {secret = testing124port =
3799}}But connection test in FG showed ok with o...
Seems like the problem is wider: FG does not accepts any packets, even
if we try sending CoA request from internal interface (LAN). It also see
incoming packet but FG does nothing with it, not replies at all. I'm
confused.
Pcap on FG see this packet, but it is not processed by FG and there is
no any reply from FG on this packet (earlier if something was wrong it
sent Disconnect-NAK, if ok - Disconnect-ACK):Source IP IP1Source Port
39176Destination IP IP2Destination Por...
We used Framed-IP-address & username We can see them in Dashboard -
Firewall User MonitorAnd with such string it worked well for some
time:echo "User-Name=Username, Framed-IP-Address=10.0.0.X" | radclient
-x name.fortidyndns.com:3799 disconnect Secre...