joebrug
New Contributor

Fortigate + Cisco WLC + APs, Active Directory auth?

Hi all..

I'm currently using FSSO to authenticate my Windows users with the Fortigate, where I have web filtering policies set up, etc., so they can/can't get to certain categories.

I want to do the same for wireless devices connecting to our internal WiFi. We have Cisco APs connected to a Cisco WLC 2504 wireless controller. I was able to set up LDAP on the WLC, which prompted me for a login on my phone; it took my AD credentials and let me in. However, the Fortigate never recognized me as my AD user, only as the IP address of my phone. So I wasn't falling into the right web filtering policies, etc.

What's the right way to accomplish this? If I can provide more useful details, please let me know. Thanks!

joebrug
New Contributor

Never got a response to this? :\

pyy
New Contributor III

Hi Joe, the WLC only checks your username and password and performs an action if they match. It does not generate a logon event for FSSO to allow you to browse the internet. In that case I believe that FortiAuthenticator can help you with your design.

joebrug
New Contributor

I still haven't figured this out and it's come back up on the project list. Do I really need more software/hardware to accomplish this?

Again, Cisco WLC/APs connecting to Fortigate 200D running 5.4.9.

I use FSSO for desktops to authenticate against Active Directory, so I can see who is who on web filtering. I want to do the same thing for wireless devices. Right now, all I see is IP addresses on the WiFi subnet.
