Greetings,
I should configure a WiFi SSID on a UniFi Controller that performs redirects to a Captive Portal on a FortiGate so that the users are picked up by a FortiAuthenticator.
In particular:
It can be done?
If that's not possible, I was thinking about:
Thank you very much for helping.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @Thonno
Here is how you configure active portal:
You can create on FGT a remote group from FAC and use it in active portal.
Once user authenticate on active portal they can go online.
Hi @Thonno
Here is how you configure active portal:
You can create on FGT a remote group from FAC and use it in active portal.
Once user authenticate on active portal they can go online.
Does the Captive Portal appear automatically or does the user have to open a browser?
Mainly users will be connected with Smartphones, which is why I would have preferred Unifi to do Radius redirects or similar for the captive portal on FortiGate.
anyway thanks so much for the reply
FG portal doesn't open automatically, user has to open browser and type an address.
Since the user already authenticates with RADIUS I think you can use RSSO instead of using captive portal. Please check here if it is what you want.
Created on 03-30-2024 12:55 PM Edited on 03-30-2024 12:56 PM
Thanks AEK.
Just a question, in case I activated the Captive Portal, the user would have to authenticate each time the browser / session was opened or only the first one time?
Does the authentication remain in the cache for a certain number of hours?
You're welcome Thonno
There is a timeout, if no activity from user for I think about 10 or 20mn (default setting that can be changed), then his session times out and portal will be triggered again when user wants access some site on the browser.
Hi Aek,
I made the necessary configurations temporarily using a Huawei AP.
I configured a VLAN Interface on the FortiGate and created a SSID on the Huawei Access Point without a password.
Immediately after connecting to the SSID, the FortiGate Captive Portal is automatically opened and by entering the credentials taken from the FortiAuthenticator everything works.
I set the timeout to 24 hours and even logging out and logging back in after a few minutes everything works fine.
Thank you so much for your help, you were very kind!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1547 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.