Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
sjoshi
Staff
Staff

Created on ‎11-11-2024 06:01 AM

Article Id 356586

Troubleshooting Tip: Troubleshooting 403 Forbidden Errors in FortiGate Captive Portal with FortiAuthenticator Authentication

Description

 

This article describes how to troubleshoot and resolve the 403 Forbidden error encountered when accessing a captive portal on a FortiGate firewall configured with FortiAuthenticator as the authentication server.

 

Scope

 

FortiAuthenticator.

 

Solution

 

User-based policy is setup on the FortiGate firewall for internet access where FortiAuthenticator is used for external captive portal authentication.

 

The following error may appear when attempting to trigger the captive portal page on a user's machine:

 

403 Forbidden: You are not allowed to access this resource.

 

Capture.PNG

 

Go to FortiAuthenticator, System -> Network -> Interfaces (select the interface where the captive portal FQDN/IP is mapped to) 

Check whether the captive portal service is enabled.

 

Capture.PNG

 

Enable it and verify the captive portal again.

 

Capture.PNG

 

The captive portal page now appears on the user's machine, and upon successful authentication with correct credentials, internet access is granted.

 

Capture.PNG

 

3109
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.