Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Partisan44
New Contributor

FORTIGATE SESSION BASED AUTHENTICATION INSTEAD OF IP BASED AUTHNTICATION USING LDAP

Hi 

 

Is there a way to implement session based authentication for users instead of IP Based Authentication ,as I have  The below scenario:

1. FortiGate Firewall running version 7.4.3, is the Gateway & DHCP Server configured with a Captive Portal ,it authenticates users against LDAP .

2. The wireless network has 1 SSID, with different Access point vendors, when users move-in between the different access points ,they obtain different  IP address`s ,they are prompted to re-authenticate on the portal.

3. The previous gateway was a Meraki firewall ,it was able to authenticate users based on sessions, whereby you only logged in once on the portal and re-AUTH happened when the account duration had ended .It was not based on IP address`s hence users didn`t get the portal to re-authentication as they moved around.

 

Edit 1 : Most of the users use tablets /laptops not joined to the domain

 

Is there a way to do this ?

 

Thanks 

3 REPLIES 3
AEK
SuperUser
SuperUser

Hi

I think you are looking for FCT SSO mobility agent.

https://docs.fortinet.com/document/fortiauthenticator/6.5.5/administration-guide/326993

 

AEK
AEK
Partisan44
New Contributor

Thanks ,however i am looking at an agent-less solution .

mpandya
Staff
Staff

Hi Partisan,

I don't think that feature is avail on fortigate 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors