Help
FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
amacchiaverna
Staff
Staff

Created on ‎04-04-2022 07:00 AM Edited on ‎04-06-2022 01:14 AM By Community Manager

Article Id 208432

Technical Tip: Captive Portal not coming up when eth0 and eth1 are on separate subnets and isolated

Description

This article describes that depending on the environment, there are controls and/or requirements in place, on the network, that prevent incoming packets on the isolation VLAN going to eth1 and outgoing on eth0 are not able to reach back into the isolation VLAN. 

 

This would be especially apparent when using Captive Portal as this can prevent a browser from displaying the portal.
Scope FortiNAC.
Solution

Setup 'setupAdvancedRoute' in order to configure policy-based split routing on the FortiNAC.

 

This allows packets going into an interface on the FortiNAC, to be sent out again, after processing, via the same interface. Steps were as follows:


1) Log into the CLI as root.


2) Type 'setupAdvancedRoute' at the prompt.

 

amacchiaverna_0-1649079661296.png

 

3) Type 'I' or 'i' to install.

 

amacchiaverna_1-1649079687011.png

 

Alternatively....

 

- Type 'F' or 'f' in order to update routes should a new interface be added (i.e. additional isolation sub-interface(s) is/are added such as registration, authentication, etc...)

 

4) to remove the config, type 'U' or 'u'.
Labels:
1113
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.