WSSO FortiAuthenticator and Fortigate without FortiAP

Forum|Forum|3 years ago
October 29, 2022
1 reply
5794 views

Dear All

I'm using FortiAuthenticator as Radius and Fortigate as Internet sharing.

I need to allow some group on FortiAuthenticator to use the internet without web login, just Wifi single sign on. If success login on Wifi then Internet automatically active.

Here is the reference that I use.

https://docs.fortinet.com/document/fortiauthenticator/6.2.0/cookbook/644897/wifi-with-wsso-using-fortiauthenticator-radius-and-attributes

The problem is I cannot use the reference with other brand such as tp-link, Dlink, mikrotik or other brand.

On the reference is use FortiAP.

I have tried many time, but always failed, when success login with Wifi then automatically appear login form on browser.

Is there anyone here have a experience to use WSSO without FortiAP.

Please let me know, if anybody can help me.

Regards,

Heri

gfleming

Staff

AFAIK this should work with non-FortiAP wi-fi as well. It's basically just RADIUS under the hood with attributes sent to the FGT for WSSO to work properly.

Did you set up the Fortinet-Group-Name attribute properly in the FAC groups?

heriherwantoAuthor

New Member

Dear gfleming

I have to do that, unfortunately still doesn't work.

Fortigate cannot get the group from FortiAuthenticator.

I will try again, if you have another solution. It's very helpfull.

Best regards,

Heri

gfleming

Staff

Just to confirm you have configured the SSID to use WPA2 Enterprise? And when you connect to wi-fi you are prompted for username and password before getting connected to the network? Do you see the authentications on the FortiAuthenticator?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded