Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
oalkhatib
Staff
Staff

FortiAuthenticator for Guest Access

Hello Community,

 

is there a way to use the fortiauthenticator version 6.5 for guests in a way they don't need to create username/password?

by this , i mean to ask them for their firstname/last name and mobile number, and then they receive SMS verification code to enter and verify their number. after that they should be able to connect. i believe this was available in earlier versions like 6.1 but not sure if there is any workaround for this requirement?

 

thanks

5 REPLIES 5
Faiza_Emam_Delhi
Contributor

Hi @oalkhatib 

 

Yes, it is possible to set up FortiAuthenticator for guest access without requiring guests to create a username and password. One way to do this is by using the SMS-based authentication feature in FortiAuthenticator.

 

Here are the general steps to set this up:

 

1. Configure FortiAuthenticator with the necessary settings for SMS-based authentication. This includes setting up an SMS gateway, defining the message template, and configuring the authentication method.

 

2. Create a guest user account on FortiAuthenticator using the guest user creation wizard. This will allow you to collect the guest's first name, last name, and mobile number.

 

3. Once the guest account is created, generate an SMS verification code and send it to the guest's mobile number.

 

4. The guest can then enter the verification code on the FortiAuthenticator login page to gain access.

 

Keep in mind that the specific steps may vary depending on the version of FortiAuthenticator you are using. I recommend consulting the FortiAuthenticator documentation or contacting Fortinet support for more detailed instructions.

 

I hope this helps! Let me know if you have any further questions or if there's anything else I can assist you with.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
oalkhatib

Thanks Faiza.

 

however, the point here is we dont want to predefine a user account for guest in our case.

assume that you want to offer wifi in airport or staduim where users once trying to connect to the wifi ssid, they are redirected to captive portal and then asked to enter their basic info and mobile number. after that they are prompt to enter the sms code and get connected if the code is correct. this process should not envolve the admins in any way assuming the access requests will be hundreds or thousands and at any time in the day.

 

thanks

Faiza_Emam_Delhi

Sure, here are some solutions to automate the guest Wi-Fi access process in a captive portal scenario:

 

1. Implement a captive portal solution that allows users to sign up for Wi-Fi access with their basic information and mobile number. Once they sign up, they will receive an SMS code that they can use to connect to the Wi-Fi. This process can be fully automated, and the admin does not need to be involved.

 

2. Use a guest Wi-Fi management platform that can automate the guest Wi-Fi access process. The platform can send SMS codes to users automatically and allow them to sign up for Wi-Fi access without any manual intervention. The platform can also provide analytics on the guest Wi-Fi usage.

 

3. Use an authentication and authorization solution that can integrate with your captive portal. The solution can authenticate users based on their mobile number and send them an SMS code to authorize access. This process can be fully automated and does not require any manual intervention from the admin.

 

Overall, there are several solutions available to automate the guest Wi-Fi access process in a captive portal scenario, and the right solution depends on your specific needs and requirements.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
oalkhatib

Thanks Again Faiza but the question was specifically on fortiauthenticator and the removed features for guest access that was there in 6.1 and not any more in 6.5. for instance, the social media access

Faiza_Emam_Delhi

I apologize for misunderstanding your question earlier. Yes, you are correct that FortiAuthenticator version 6.5 no longer includes the social media access feature for guest access. This means that guests will not be able to authenticate using their social media accounts, such as Facebook or Twitter. Instead, they will need to use other authentication methods, such as SMS-based authentication or email-based authentication. Additionally, FortiAuthenticator 6.5 has removed support for third-party captive portal solutions, which means that administrators will need to use Fortinet's own captive portal solution for guest access. Please let me know if you have any further questions on this topic.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
Top Kudoed Authors