Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

explicit proxy + kerberos + captive portal


I had worked on this for a week, however no result :c

Does anybody have tested a scenario, when we have explicit proxy with kerberos and captive portal as a fallback?

The result I expect: the workstation inside domain needs to use kerberos. the workstation outside domain needs to use captive portal.

Actually, I have tested two auth rules : {basic, negotiate}, {form-based}. The priority is descending. Kerberos works well in contrast form-based. Instead of captive portal I see "proxy is refusing connection", but html page of form comes to workstation (have checked using wireshark).


Hi mdraevich, this is quite old post, but anyway. It's difficult to guess what you want to achieve without any config snippet at all, but let me give it a try.


First I noticed in your post is "priority" in auth-rules. There are no priorities. Either rule matches or not. It's matching based *typically* on src address.

I think your non-domain users simply match the same auth-rule, but not having any credentials to provide, proxy is refusing them. Maybe.


If it's still actual, please try to uncover more about your (seemingly interesting) setup.



smithproxy hacker -

Top Kudoed Authors