Hi,
I am trying to set up Fortinet Authenticator with 2fa using Radius, I have got everything working and the user can get token via mobile phone. Now the first login screen does not have the forgot password option, but the second screen to the actual portal has it. How to add that missing function to the first firewall login screen as well? From our user perspective it would be nice to have the option recover the password via email, as it has been set up in the user profile, but you do not have that button :)
Please see attached picture about the login screen I mean.
Thanks in advance!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
not clear to me where you got login screen from. If it was from FortiGate (FGT) or FortiAuthenticator (FAC).
So I'd recommend to get through Replacement Messages and track down who showed the logon.
Second, FAC > Authentication > Guest Portals > Portals .. definition of your portal allow/disallow certain Pre-login/Post-login Services like Password Reset etc. Check there what is set, and what are Replacement messages here.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Hi,
yeah it seems that it is called captive portal. I can't find any way to change the settings or replace the message... weird stuff.
I found this: "Captive portals are configured on network interfaces. On a physical (wired) network interface, you edit the interface configuration in Network > Interfaces and set Security Mode to Captive Portal" But I have no idea what that Security mode means. We control our firewall with this captive portal, not wifi connection.
That captive portal setting on FortiGate, or more precisely 'external' captive portal setting, usually points to URL on FortiAuthenticator where there is Guest portal setup driving what is going to happen for users coming in redirected from FortiGate.
So hint is still the same. Check Replacement messages and have a look for one you see. Then for test modify the one you think you see and check if change is propagated in new logon, just to be sure you reached/found the right replacement message.
Then modify according to your needs.
But I guess that if that is Guest portal, then you might just simply miss password reset option turned on in pre-login phase config. Toggling this on will be far easier then messing with replacement messages.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.