New Member

Question

Allow only a single connection with a ticket of a captive portal

Forum|Forum|11 years ago
August 21, 2014
8 replies
19292 views

Hi, I am running a captive portal for a hotel, using a Fortigate100D as a hub FortiAP 221B, and works very well, but I have a problem, the tiket generated, allowing the connection of multiple machines at the same time, and need is to allow the connection to one machine, with one tiket generated. I appreciate your attention, and I hope you can help me

Carl_Wallmark

New Member

Hi and welcome, Try this in CLI: config user group edit <name of you guest Group> set auth-concurrent-override enable end

nbctcp

New Member

Will that prevent user to reshare that 1 ticket using this method

https://nbctcp.wordpress....otel-wireless-account/

ede_pfau

SuperUser

This is only the first half of the option you have to set. Add

config user group  edit <name of your guestuser group>  set auth-concurrent-value 1

The description is:

Set the number of concurrent logins permitted from the same IP address. Range 1 to 100. 0 means no limit. This field is available if auth-concurrentoverride is enabled.

What makes me wonder is the part talking about " from the same IP address" . Typically, a hotel guest will bring in 2+ devices which connect on the open WLAN, each receiving a unique IP address from the DHCP pool. That would mean that this option will have no effect. I' m afraid you will have to try it out yourself.

cristian1Author

New Member

ok! thank you very much! I' ll try this configuration

dasilva13

New Member

have you tried this by chance?

cristian1Author

New Member

yeah, so far is working well.

AndreaSoliva

New Member

Hi all the docu " from the same ip" is from my point of view a docu error. Shame on Forti -if it is so- specially because this error is since initial release of CLI 5.0 GA. I had the same request from a customer for two days and tested by myself. It works.....I asked a Forti contact regarding the error and he told me " yes, from his point of view it is a error" . not really funny Andrea

Christopher_McMullan

Staff

I' m late to this topic. I don' t know the ticket number offhand detailing your discussion with TAC, but suggest to them to bring it up with the documentation department. Their office is 5 minutes' drive away from mine, and they often come by to gather input on new documents, and changes to existing ones. If you can' t reach out to them through the ticket, post (or PM me with) a quick summary here, and I can email them directly. Indicate the document and page number, the problematic text, and how it should have read to be accurate or more clear.

ede_pfau

SuperUser

I will contact the documentation team, with references and all. Done.

ede_pfau

SuperUser

Just a follow-up:

the misleading description for the options "config system global/policy-auth-concurrent" and "config user group/auth-concurrent-value" has been corrected in the latest "CLI Reference for FortiOS 5.2" dated 2014-12-05.

Limit the number of concurrent logins from the same user. Range 1 to 100. 0 means no limit.

It used to read "...from the same IP."

Alas, the CLI Reference for v5.0 is still not updated (2014-09-26). I will stick to it.

eboss

New Member

Hello,

I wanted to know if limiting one connection per user can be applied also if I have RADIUS setted up

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded