Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
martinsd
Staff
Staff

Created on ‎09-27-2024 08:06 AM

Article Id 345048

Technical Tip: FortiGate managed FortiAP with External Captive Portal authentication

Description This article shows the high-level traffic workflow used for External Captive Portal authentication on a FortiAP managed by FortiGate setup.
Scope FortiGate, FortiAP.
Solution

Workflow:

 

Captive_Portal.drawio.png

 

Steps:

  1. The endpoint will associate with AP but since the authentication method is a Captive Portal with external authentication, FortiAP cannot be set up as a local-standalone, so FortiGate will handle the association process.
  2. After association, the endpoint will browse the Internet (original request) and will be redirected by the FortiAP to the external Captive Portal.
  3. The Endpoint will authenticate through the Captive Portal and since the FortiAP is not Standalone the login information will be redirected to FortiGate local Captive Portal.
  4. FortiGate will redirect the Endpoint to the original requested URL.

 

SSID Config:

 

Screenshot from 2024-09-27 10-17-49.png
562
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.