Skip to main content
suportewispot
suportewispot
New Member
October 19, 2022
Question

[FortiLAN Cloud] How to manipulate Session-timeout and Idle-Timeout by RADIUS Authentication

  • October 19, 2022
  • 3 replies
  • 2508 views

Hi Team,

 

  I'd like to know if it's possible manipulate the user's session by RADIUS Authencation using FortiLAN with FortiAP.

 

  Because once the user has authenticated through "My Captive Portal", the user's session is always handled by the two fields Captive Portal User Authentication Timeout and Client Idle Timeout in Configuration > Network.

 

suportewispot_0-1666204971136.png

 

      I don't know if fortinet understands the WISPr RADIUS attributes or do I need to use a specific dictionary.

 

Versions:

 FortiLAN  | v22.3_0323

 FortiAP - FAP221E | 7.2.1

 

Thank you in advance !!!!

 

3 replies

Jean-Philippe_P
Staff & Editor
Jean-Philippe_P
Staff & Editor
October 25, 2022

Hello suportewispot!

 

Thanks for posting on the Fortinet Community Forum.

 

I will for assistance and get you documentation or help. We will contact you as soon as possible in this thread.

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
vpatil
Staff
vpatil
Staff
October 27, 2022

@suportewispot 

 

If the Captive Portal page is hosted on an External Authentication Server (RADIUS) then you could try using RADIUS Accounting to control user's session:

 

https://docs.fortinet.com/document/fortilan-cloud/22.3.0/fortilan-cloud-user-guide/28299/adding-a-radius-server

 

vpatil_0-1666883294262.png

 

Currently, I could not find WISPr info in the FortiLAN Cloud docs.

 

suportewispot
suportewispotAuthor
New Member
October 27, 2022

Hi @vpatil 

 

Thank you for the support.

 

The issue is that accounting is not being sent to our RADIUS, I've already opened a ticket about it.

 

But, for a vendor to understand these sessions manipulations, I need to know what attributes that vendor operates on

 

As you can see in Cisco Meraki, for example:

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Configuring_RADIUS_Authentication_with_a_Sign-on_Splash_Page

suportewispot_0-1666884533119.png

 

 

vpatil
Staff
vpatil
Staff
October 29, 2022

@suportewispot 

 

1. I'm assuming that you've already added the following FortiLAN Cloud servers in the allowed list as clients to access the RADIUS server:

  • Global server - 173.243.132.78
  • EU server - 154.52.10.243
  • JP server - 173.243.132.207

https://docs.fortinet.com/document/fortilan-cloud/22.3.0/fortilan-cloud-user-guide/28299/adding-a-radius-server

 

2. Yes, a support ticket would be better to check further as to what RADIUS attributes the FortiLAN Cloud servers (RADIUS Client) support.

Terms & ConditionsAccessibility statement