Using Captive Portal Security in Bridge Mode... Can this be setup?

Hi

can you please tell me if you use a FAP in bridge and the traffic is allowed to go directly out from the FAP to the segment/subnet (nic of FAP is bridged) and for authentication you would like to use Captive Portal which is running on the FortiGate?

I think you go it? Can not be used in bridge mode and because of above info it makes sence because the traffic MUST not go to the FGT because of BRIDGED nic of FAP.

hope this helps

have fun

Andrea

You can't use the portal on the SSID when it is locally bridged because the traffic is exiting the FAP and is not reaching the Fortigate for authentication.

You have 2 possibilities:

- either change the wireless network to tunneled and configure the portal. That way users need to authenticate before accessing the network.

- configure the portal on the "internal" interface (or the interface you are using). In that case all users on the interface (both wired and wireless) need to authenticate when matching the policy (eg for internet access). But keep in mind that they will be able to access resources on the subnet the ap's are bridges into.