Hello,
When external users have to logon, I give them https://firewall.mydomain.com:1003 (I've load a 3rd party certificate).
but they are redirect to https://IP-ADRESS:1003 with a certificate error
Is there a way to fix the name used by FG to match my FQDN ?
Thanks !
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I think you are missing following settings:
config firewall auth-portal
set portal-addr "portal.example.org"
end
config firewall policy
edit <policyID>
set auth-redirect-addr portal.example.org
end
Hi all,
Can you just tell me if you have issue : are you redirect to IP adress when accessing to https://firewall.mydomain.com:1003 (logon page)
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Hi all
I open a Ticket, so stay tuned
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
I think you are missing following settings:
config firewall auth-portal
set portal-addr "portal.example.org"
end
config firewall policy
edit <policyID>
set auth-redirect-addr portal.example.org
end
Thanks for this tip but I'm using Fortigate Captive Portal, not an external one
Extract from CLI doc :
auth-portal
Use this command to add an external authentication portal.
Is there a same parameter for FG captive portal ?
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Have you tried it?
In my case this seems to work also when using the internal portal. Just replace portal.example.org with your internal DNS record for the FG Portal.
Thanks a lot, this is working well
Just need the first step :
config firewall auth-portal set portal-addr "portal.example.org" end
Additionnal step : in my case, FG act as DNS server
SSID configuration : DNS Server : Same a Interface IP
Create a DNS Database on "DNS server" tab : Master Zone, type Shadow, not Autoritative
Create a single entry with myportal.mydomain.com pointing to FG Wifi Interface IP.
DNS Service on Interface : Select Wifi interface, recursive mode
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Above steps doesn't work for Fortiweb 7.4.0. Please provide guidance
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1536 | |
1029 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.