FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
nmichael
Staff
Staff
Description
When a user connects to a wireless network with internal captive portal authentication, the device is redirected to url: https://x.x.x.x:1003. Since FortiGate is installed with standard certificate, the user is presented with an SSL warning error of using invalid common name because it does not match the IP address of the captive portal server (or FortiGate).

nmichael_FD40682_tn_FD40682-1.jpg

Scope
All versions.

Solution
This error can be avoided only by redirecting the wireless users to  a Url that includes the FQDN of the FortiGate; instead of the FortiGate IP address. https://<FQDN>:1003

This can be implemented with the following commands:

#config firewall auth-portal
#set portal-addr <FGT FQDN>
#end

Ensure also that there is a DNS resolution entry in the DNS server for the FQDN name with the FortiGate IP address.

Contributors