Hi, we would like to enable DPI within a school environment. To do this we would need to deploy the FortiGate webfilter cert to all devices connected to WiFi. The issue is that the bulk of these devices are BYOD and not domain members. Does anyone know if there is a way to do this FortiAuthenticator is not deployed at site?
As far as I know there is no built in mechanism on FortiGate to do this. You can distribute it via mail or to instruct the user to download this certificate from an internal webserver.
There is no solution from Fortinet that I know of, and Fortiauthenticator would not help either. You are talking about MDM solution potentially, but even then if the byod devices are managed by this mdm, not someone else’s devices just connecting via wifi.
Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.
Not a solution to your problem, but may I ask why you need to do DPI on a BYOD network?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.