FortiAuthenticator as external captive portal to Aruba controller or aruba instant
As per my understanding to who external captive portal works in Fortigate: there are certain http parameters that are communicated in the process flow "like the magic parameter and post-to parameter).
I am asking about how this process would affect integrating FAC as external captive portal with different vendors.
Some documents in Aruba states that extneral captive portal should be communicating with the controller with xml api via http post messages to valid user location or send user role.
Also in FAC configuration, when configuring the portal policy, in Portal selection criteria: we have options to match on http parameters available for cisco, fortigate and fortiWLC. Does this mean that we cannot integrate with other vendors?
I can see that the URL redirection has post=xxx in case of Fortigate and switch_url=xxx in case of cisco WLC.
In a previous forum post, I had learned in a previous forum post that FAC matches the IP/FQND given into the post= or switch_url against the selected APs in the policy.
Thus, I think Aruba should send include a similar parameter in the URL in order for the FAC to recognize the AP ip.
Secondly, Fortigate has a parameter "magic" and cisco has parameter button_clicked. At it seems that FAC is able to include those parameters in the HTML page presented to the client so that when the client submit the API call to the fortigate or cisco, those parameters, the requreid paramteres are included in the API call.
IF special parameters like the above are required in Aruba, is there any way to control the included http parameters that are included in the html login form presented to the client who will then submit it to the controller.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.