Hi all,
I provide users with Fortinet Wifi and ISE captive portal. After users fill in the required information on the captive portal, ISE drops an e-mail them their credential. For checking their mailbox, the user needs limited access. In order to get this access, they need to exit the captive portal, by clicking 'Cancel' and 'Use Without Internet' at the top right. Then, they will be able to go to their e-mails and get user information with the limited access they receive. When they open a page and redirect to the captive portal, they will be able to log in with their information.
I don't want users to have to click 'Cancel' and 'Use Without Internet' to get restricted access.
My request is that when the user clicks on the ssid, IOS and Android should not direct them directly to the captive portal. If they open a tab, let them be redirected. However, they will have received the network IP and I will be able to give them restricted access. They will open a web page, and redirect immediately.
What would your suggestions be?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello omerfg34,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello
If I understand well you need to make an exception in you active portal, which is usually a basic feature in all (or most) active portals.
Since you have ISE active portal, I'm sure you can find in the ISE admin guide or Cisco forum how to configure exceptions in this software.
please refer to the following document for captive portal
> IOS and Android should not direct them directly to the captive portal.
That is done by the client OS probing for internet connectivity. A request to change this is a request to developers of IOS/Android, not Fortinet.
Thanks for your time. I found the solution. When I give an access to 'captive.apple.com', clients won't be redirected the portal automatically. When client tries to open a web page, then the client will be redirected.
The "continue without login" prompt usually happens after a connectivity-probe sent by the device detects a portal. You could in theory find out what those probed destinations are (this info should be searchable online) and exclude them from captive portal. However, keep in mind that when the users finally try to access something, it will typically be HTTPS in this day and age, and that will start triggering certificate warnings.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1666 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.