Is there a way to create a captive portal on my inside interface, then create an exception for the entire network and then allow people to redirect themselves to the portal? As in inside interface is 192.168.0.1/22 so enable the captive portal on the interface. Then create a bypass for the enitre /22 so users aren't redirected by default and just get matched to the existing policies.
But if a user needs to get authentication allow them to type in a URL that lands them on the FGT so they can authenticate. This is so they can authenticate against a backend LDAP server if they're using a device that doesn't allow them to sign in with domain creds.
Hey mumbles,
if I remember correctly, your users could technically go directly to http://192.168.0.1:1000/fgtauth or https://192.168.0.1:1003/fgtauth to log in.
Thanks for this. I did some testing today with using it but had inconsistent results. I'll try it again tomorrow and post back.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.