By pressing continue on browser it get captive portal on fortiAuth, how I can make user connect directly to captive portal directly because certificate signed with CA on fortiauthenticator, but fortigate internal IP show certificate warning
Is there log/debug can help me on that
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hey Phill,
The very first re-direct for captive portal is always the "<FortigateIP>:1000/fgtauth" or "<FortigateIP>:1003/fgtauth".
The cert used to host that page is set here
You have to get a right cert to host Fortigate's auth page that client's browser can trust.
If the certificate is signed for the internal IP of the Fortigate that will work as is.
If the certificate is signed for a hostname, you can change the redirect hostname under
# config firewall auth-portal
# set portal-addr fortigatename.domain.com
# end
Be careful changing the portal-addr to a hostname. Client has to resolve that hostname to the correct IP of the Fortigate (if not, the captive portal will fail).
-Captive portal on fortiauthenticator signed on 3rd party with hostname, so do you mean I need to also to do same thing on fortigate internal IP for each IP on fortigate assigned to vlan/ssid
- you said "Client has to resolve that hostname to the correct IP of the Fortigate (if not, the captive portal will fail).", the captive portal on fortiauthenticator so I need hostname to correct IP of fortiauthenticator which I did it
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.