Hi
Is there a way to implement session based authentication for users instead of IP Based Authentication ,as I have The below scenario:
1. FortiGate Firewall running version 7.4.3, is the Gateway & DHCP Server configured with a Captive Portal ,it authenticates users against LDAP .
2. The wireless network has 1 SSID, with different Access point vendors, when users move-in between the different access points ,they obtain different IP address`s ,they are prompted to re-authenticate on the portal.
3. The previous gateway was a Meraki firewall ,it was able to authenticate users based on sessions, whereby you only logged in once on the portal and re-AUTH happened when the account duration had ended .It was not based on IP address`s hence users didn`t get the portal to re-authentication as they moved around.
Edit 1 : Most of the users use tablets /laptops not joined to the domain
Is there a way to do this ?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
I think you are looking for FCT SSO mobility agent.
https://docs.fortinet.com/document/fortiauthenticator/6.5.5/administration-guide/326993
Thanks ,however i am looking at an agent-less solution .
Hi Partisan,
I don't think that feature is avail on fortigate
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1663 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.