Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Phill1
New Contributor

FortiAuth ssl warning

I have clients their GW on fortigate, and captive portal on FortiAuth, when user connect to wifi it get page with internal IP of fortigate like 192.168.168.1:1000/fgtauth

By pressing continue on browser it get captive portal on fortiAuth, how I can make user connect directly to captive portal directly because certificate signed with CA on fortiauthenticator,  but fortigate internal IP show certificate warning 

Is there log/debug can help me on that

2 REPLIES 2
ccho
Staff
Staff

Hey Phill,

The very first re-direct for captive portal is always the "<FortigateIP>:1000/fgtauth" or "<FortigateIP>:1003/fgtauth".

 

The cert used to host that page is set here

https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-change-the-Captive-Portal-certific...

 

You have to get a right cert to host Fortigate's auth page that client's browser can trust.

If the certificate is signed for the internal IP of the Fortigate that will work as is.

If the certificate is signed for a hostname, you can change the redirect hostname under

 

# config firewall auth-portal
# set portal-addr fortigatename.domain.com
# end

 

Be careful changing the portal-addr to a hostname. Client has to resolve that hostname to the correct IP of the Fortigate (if not, the captive portal will fail).

Phill1
New Contributor

-Captive portal on fortiauthenticator signed on 3rd party with hostname,  so do you mean I need to also to do same thing on fortigate internal IP for each IP on fortigate assigned to vlan/ssid

- you said "Client has to resolve that hostname to the correct IP of the Fortigate (if not, the captive portal will fail).",  the captive portal on fortiauthenticator so I need hostname to correct IP of fortiauthenticator which I did it

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors