Created on
08-15-2024
09:30 PM
Edited on
07-20-2025
11:49 PM
By
Anthony_E
Description |
This article describes how to enable a disclaimer page for users connecting to a specific SSID on a FortiGate. |
Scope | FortiGate. |
Solution |
A disclaimer page is a custom message or policy acknowledgment page that users must accept before gaining access to the network. This is often used for legal or policy compliance purposes. In older versions of FortiGate, It was enabled from the Firewall policy as referred to in the below KB article: Technical Tip: Configuring a disclaimer page on a FortiGate firewall policy
After v7.2 or above, go to Wi-Fi & Switch Controller -> SSIDs, and under the security mode setting, select Captive Portal or WPA2 Personal with Captive Portal from the dropdown menu as shown in the image below.
After selecting the above-mentioned option, another dropdown menu is available to select Disclaimer or Disclaimer + Authentication, as shown in the image below.
Note: The disclaimer option is not supported in the bridge SSID. SSID has to be in Tunnel mode to configure the Disclaimer.
To configure the disclaimer page with captive portal SSID on CLI:
config wireless-controller vap edit “Test-Wifi” set security { captive-portal | wpa-personal+captive-portal | wpa2-only-personal+captive-portal} set portal-type { disclaimer | auth+disclaimer} next end
After enabling a disclaimer page on an SSID using FortiGate, users connecting to the SSID will now be required to read and accept the disclaimer before accessing the network.
Related articles: Technical Tip: Captive Portal Disclaimer does not display Troubleshooting Tip: Captive portal Disclaimer is showing up twice on network SSID |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.