Authenticate Through Browser to Use Internet

Forum|Forum|8 years ago
June 28, 2017
2 replies
15913 views

Newbie here (sorry)!

I have searched through this site and could not find what I'm looking for, and hope you can help.

Background:

I have a FortiGate 1000D running firmware v5.2.11,build754 (GA) in a K-12 school district with 5,000 students with one-to-one devices. I also have a VM with FortiAuthenticator.

Issue:

I would like to configure my FortiGate to the following.

When a user logs into their device and opens up a web browser they are presented a login screen. Once they login and authenticate to my Active Directory, they are then allowed or denied access for a set time frame.

Thank you in advance for all your help!

Troy

gsarica

New Member

Haven't used them yet myself but in theory a captive portal should work. You can configure the LAN interface to use a captive portal based on authentication off a group you create that's tied to your AD server. More info here:

http://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-authentication-52/CaptivePortals.htm?Highlight=captive%20portal

As for the time schedule, you'd have to configure that in your actual policy.

tshawAuthor

New Member

gsarica,

Thank you for the quick response, I will look into this.

FA-Shams

New Member

Hi All,

I am also looking for the same scenario, I want my users to authenticate behind the scenes prior to access internet. I configured captive portal but its always prompting the users to Open browser and connect. I configured Fortigate SSO with Microsoft Intune. I don't want users to enter their credentials. Passive authentication should happen when user is logged onto the system

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded