Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mircoceccarini
New Contributor II

Created on ‎06-26-2024 08:05 AM

Captive Portal redirection

Hi,

I have a fortigate 60F with v/.2.8 build1639 (Mature).

I configuring the device with radius and an external captive portl. But I can't get it to work.

This is my interface configuration:

 

Screenshot 2024-06-26 alle 16.48.45.png

This is my authentication settings:

Screenshot 2024-06-26 alle 16.50.21.png

 

This is my dns server: 

 

Screenshot 2024-06-26 alle 16.52.06.png

This is the redirect after connaction:

https :// login. spottywifi. app: 1000/fgtauth ?000d0e91e1a2c32d

Labels:
312
0 Kudos
5 REPLIES 5
dbhavsar
Staff
Staff

Created on ‎06-26-2024 11:45 AM

Good day @mircoceccarini ,

 

- Could you please elaborate what exactly you are trying? You can also check this:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Captive-Portal-Authentication-Network-Inte... 

DNB
271
mircoceccarini
New Contributor II
In response to dbhavsar

Created on ‎06-27-2024 04:03 AM

Thankyou but i use an external captive portal

 

Mirco

234
0 Kudos
pminarik
Staff
Staff

Created on ‎06-27-2024 05:14 AM

Do you have any users/groups mentioned in the relevant SSID-><other-interface>policies?

Choosing "allow all" in the interface config expects the relevant users/groups to be defined in the firewall policies. If there's none, the resulting behaviour will just present a local disclaimer to be accepted.

 

Second, make sure the local portal address defined in User & Auth > Auth Settings does not match the FQDN of the external portal. These two endpoints must be distinct. (I don't see how the "Spotty_2" object is defined, but the name is suspicious enough to highlight this point)

[ corrections always welcome ]
223
hbac
Staff
Staff

Created on ‎06-27-2024 06:59 AM

Hi @mircoceccarini,

 

So you want to use internal3 IP address as a DNS server? Based on the DHCP server settings, users are using 8.8.8.8 for DNS. If users are using 8.8.8.8, you will need to exempt DNS traffic from captive portal. 

 

Regards, 

208
mircoceccarini
New Contributor II

Created on ‎06-27-2024 08:10 AM

Thank you all, I should have almost solved it. At this time the captive portal only opens on Android devices.
On apple devices it does not open the captive portal devo inserire qualche cosa all'interno.

Interfaces -> Edit Interfaces -> Exempt destinations/service.

Thanks

198
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.