Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
pginete
Staff
Staff

Created on ‎06-06-2024 01:44 AM

Article Id 319340

Troubleshooting Tip: The extended captive portal timeout is not working

Description

This article describes how to fix the extended captive portal timeout when it is not working.
Scope FortiGate.
Solution

FortiGate is acting as the DHCP server.

 

The captive portal timeout period is configured for 30 days in FortiGate.

 

config user setting
    set auth-cert "Fortinet_Factory"
    set auth-on-demand always
    set auth-timeout 1
    set auth-timeout-type hard-timeout
end

 

config user group
    edit "local_group"
        set authtimeout 43200
        set member "test"
    next

end

 

The extended captive portal timeout is not working as the user is still getting an authentication prompt every day which should be after 30 days.

 

authentication prompt.JPG

 

 

To fix this, increase the DHCP lease time on the interface of FortiGate where the DHCP server is enabled to 30 days (2592000 seconds) or more.

 

config system dhcp server

    edit 1

        set lease-time 2592000

    next

end

 

This solution is applicable only if using DHCP. It is not necessary to apply this when using static as the above configuration is sufficient.
137
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.