Fortigate & Fortiauth: Certificate warning with captive portal

Question

I've configured a captive portal (external, on the Fortiauth with a public certificate) on a FG running 5.4.1. WLAN users connect to the SSID, open a browser and get a certificate warning from the (private) IP of the FG virtual Interface (SSID). I've researched a lot but cannot find a solution to specify a FQDN and a certificate for this redirection.

Portal on Fortiauth is working correctly.

Thanks for any help!

martin

mahff · Answer

Hi,

The alert message on Android devices when connecting to an external captive portal could be due to the device detecting a potential security issue, often related to SSL/TLS certificates. Here's how you can address this:

Ensure the Certificate is Trusted: Even though your captive portal has a valid HTTPS certificate, Android devices may show an alert if the certificate is not from a trusted authority or if there is a mismatch in the certificate details. Double-check that the certificate is issued by a well-known Certificate Authority (CA) and that all the details match, including the domain name.
Use a Domain Name for Fortigate: To eliminate the warning, using a domain name for your Fortigate device rather than an IP address is advisable. This allows for the SSL certificate to be fully validated.
Install the Certificate on Fortigate: You need to install it on your Fortigate device.
Enable HTTPS Redirection: Enabling HTTPS redirection on your Fortigate device can help avoid web browser warnings by ensuring that all connections are securely redirected to HTTPS.

This documentation How to enable HTTPS Redirection to avoid web browser warning - Fortigate, is a guide on configuring HTTPS redirection. It likely includes steps to properly set up your SSL certificate and ensure that your captive portal is accessed securely.

Best regards,

Mahff

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded