Wireless guest management is not working after version upgrade to 5.2.3

technologist36 · ‎07-29-2015

Dear all,

Auto-generated guest users' usernames and passwords aren't working for guests. Configuration isn't changed after the upgrade. I have a user group of type "guest" was created and mapped to the auto-generated users. An address range object was created that defines the range of DHCP addresses of wireless clients. A policy rule was created by adding the user group and the address range as source and "all" destination toward the internet.

Now, a guest came in and tried to enter the auto-generated username and password in the authentication portal and portal keeps asking for credential.

Does this happen to anybody else?

Thanks

technologist36 · ‎09-08-2015

Upgraded to 5.2.4 and still not working.

Need Help Plz.....

Chris · ‎12-26-2015

Hi,

you said ".. A policy rule was created by adding the user group".

Is the user group of Type "guest" ?

This is required otherwise it will not run.

I have the same configuration with a FGT60D for Wifi and it runs.

technologist36 · ‎12-26-2015

James,

Yes, I've mentioned that I am using a group of type guest in my first post. Anyways, it's working now after I renamed the auto-generated users. For example, renamed "user0001" to "Scott" and it worked. Strange but worked.

Thanks

Chris · ‎12-27-2015

Hi Technologist, sri you are right. I have overlooked the part with type guest. I have now tested it again with autogenerated user and it works. Username here was user0012. By the way I am now on V5.2.5 you also?

Which device you have?

technologist36 · ‎12-27-2015

James, no harm done at all. No, I am still on 5.2.4 and to be honest I don't want to upgrade unless there is an urgent need to do so. FSSO had a bug in 5.2.3 that forced me to upgrade to 5.2.4. FSSO now is working fine and I see no reason to upgrade.

Device is 80C (old b@st@rd) :)

Thanks

Chris · ‎12-27-2015

I think there is an urgent need to upgrade to 5.2.5. Have you seen this bulletin from Fortinet? --snip ------ Customer Support Bulletin CSB-151124-1 "FortiGate flash disk errors" Potentially Affected Products: Low end FortiGate/FortiWifi models with flash storage 20C, 40C, 60C, 80C, 60D, 90D, 100D

Link: https://support.fortinet....lletin.aspx?section=46

technologist36 · ‎12-27-2015

Thanks for posting this bulletin link. Okay, I hope these issues are really fixed as this bulletin claims. My experience with upgrading FG units is not good because sometimes a failure happens somewhere or configuration doesn't work anymore. I think it's a good idea to read public comments who upgraded to this version and see if it's stable. I won't take the risk until it's properly tested.

Thanks

Chris · ‎12-27-2015

They have reduced the usage of flash memory as far as i can read. It is strange that some processes cause heavy disk usage to flash like DHCP/PPPOE or Device identification. However the flash is not replaceable . It is firmly connected with the mainboard. Yes I also wait when a new Firmware comes up und read carefully the forum. My motto is also: "never change a running System." In the years who I had to do with Fortigate Units there were relatively few problems with upgrades. But in some special cases you can never rule out what happens. A short question I have on the subject and maybe you can help me. When a user has been successfully authenticated and then uses the Wifi-Device later again he must already authenticate again. Do you have this behavior seen too?

technologist36 · ‎12-27-2015

James, this has to do with authentication timeout. By default, it's 480 sec. As a security best practice, authentication timeout is necessary. Why is it a problem to you?

Thanks