Created on 02-11-2024 09:29 PM Edited on 03-24-2024 10:07 PM By Anthony_E
This article describes how to configure Web Filter authentication user for local categories overrides.
Web Filter authentication is required for branch-office users to access to internal sites of a private domain.
FortiGate, Web Filter, User Authentication.
In this scenario:
Local Category:
In FGT_Branch create a new web Custom Category and override internal URLs.
Important Note:
Captive portal uses temporary TCP ports for web authentication. The internal URLs must use standard web ports for HTTP/HTTPS, otherwise authentication port must be changed..
Technical Tip: How to allow custom port when non-standard port is used while active authentication
Web Filter Profile:
In FGT_Branch, create a new Web Filter profile and configure user authentication for the local category 'Internal Sites'.
Remember to select OK on the next screen to save the Web Filter Profile.
Firewall Policy:
Create a firewall policy as follows:
Results:
When a web browser tries to reach an internal URL, Web Authentication will prompted. After successful authentication, the Web page must be displayed as well.
Related articles:
Technical Tip: Creating a Web Filter profile with user authentication
Video: Flow Mode Webfilter Support (Warning/Authenticate/Override).
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.