FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 196620



This article describes how to configure the keepalive page to show on a user configuration when the user accesses the internet.



By default, the authentication portal expires after the login prompt. To maintain a session of portal page and achieve a logout feature, it is possible to enable the keepalive feature through a global setting.


Authentication keeps alive is disabled by default. Enable it in a global setting via CLI.


# config system global

    set auth-keepalive enable



Aftter the login attempt, keepalive with the logout button will be displayed. The session time depends on the users setting and global settings.




It is possible to modify user auth timeout and session time for more granularity.


# config user setting

    set auth-cert "Fortinet_Factory"

    set auth-on-demand always

    set auth-timeout 1440

    set auth-timeout-type new-session



# config sys global

(global) set auth-session-limit block-new 

block-new          <----- Block new user authentication attempts.

logout-inactive    <----- Logout the most inactive user authenticated sessions.


It is possible to view the authenticated user inside Dashboard 'User & Device' on a Firewall Users section.