The authentication in the fortinet firewalls is a gimmick add-on, and not supposed to be a corporate grade solution. So it is not possible to get around this, as it basically allows this ip for the set amount of time. (imagine a terminal server environment, everyone would be coming from one ip address)
You should really look at using a proxy server instead, and get that to auth.
look for one that does NTLM authentication, as then the users do not have to type anything in at all, as its done transparently using windows username/password pair.
I tested ' freeproxy' recently and was impressed that the NTLM worked on a free program, but couldnt see a way to restrict to a group. (would just allow all domain/local machine users).
I can highly recommend the bluecoat appliance, but it is quite expensive.
UK Based Technical Consultant
FCSE v2.5
FCSE v2.8
FCNSP v3
Specialising in Systems, Apps, SAN Storage and Networks, with over 25 Yrs IT experience.