FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
bmeta
Staff
Staff
Description
This article describes how to configure the keepalive page to show on a user PC when the user accesses to the internet.

Solution
The authentication keepalive page can be enabled by the CLI command:
# config system global
    set auth-keepalive enable
end
The authentication keepalive page is disabled by default.
When enabled the following HTML page will be displayed and the firewall authentication keepalive will prevent sessions from ending when the authentication timeout ends.

caunon_FD33604_FD33604.jpg

Authentication keepalive keeps authenticated firewall sessions from ending when the authentication timeout ends.
In the web-based manager, go to User & Device -> Authentication  and set the 'Authentication Timeout'.

Note.
The page can come with SSL warnings if the certificate does not match this page.
Use these to influence the address to redirect to (must be resolvable).
# config firewall policy
    edit <ID>
        set auth-redirect-addr <FQDN>
    end
# config firewall auth-portal
    set portal-addr <FQDN>
end

Contributors