This article provides describes how to extend the captive portal timeout period for 30 days.
FortiGate v7.0 and v7.2.
By default, the captive portal auth timeout is set to 5 mins and can be extended for max of one day. In this case, the users are forced to re-authenticate every day.
# config user setting
set auth-timeout 1 to 1440 (default = <5>)
end
To extend the timeout, it is possible to change the auth-timeout-type to hard-timeout and increase the auth timeout to 43200 in a user group.
In this case, the timer configured in the group will take precedence.
# config user setting
set auth-cert "Fortinet_Factory"
set auth-on-demand always
set auth-timeout 1
set auth-timeout-type hard-timeout
end
# config user group
edit "local"
set authtimeout 43200
set member "testa"
next
it is possible to verify on the time left in GUI under the Firewall user monitor or using the below command:
# diag firewall auth list
10.102.0.2, testa
src_mac: 00:63:68:61:09:01
type: fw, id: 0, duration: 1135, idled: 6
expire: 2590866 <----- Timer gets reflected as per local group created.
flag(804): hard no_idle
packets: in 1640 out 758, bytes: in 1791859 out 99346
user_id: 16777222
group_id: 4
group_name: local
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.