Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
suportewispot
New Contributor

[FortiLAN Cloud] How to manipulate Session-timeout and Idle-Timeout by RADIUS Authentication

Hi Team,

 

  I'd like to know if it's possible manipulate the user's session by RADIUS Authencation using FortiLAN with FortiAP.

 

  Because once the user has authenticated through "My Captive Portal", the user's session is always handled by the two fields Captive Portal User Authentication Timeout and Client Idle Timeout in Configuration > Network.

 

suportewispot_0-1666204971136.png

 

      I don't know if fortinet understands the WISPr RADIUS attributes or do I need to use a specific dictionary.

 

Versions:

 FortiLAN  | v22.3_0323

 FortiAP - FAP221E | 7.2.1

 

Thank you in advance !!!!

 

4 REPLIES 4
Jean-Philippe_P
Moderator
Moderator

Hello suportewispot!

 

Thanks for posting on the Fortinet Community Forum.

 

I will for assistance and get you documentation or help. We will contact you as soon as possible in this thread.

 

Kindest regards,

Jean-Philippe - Fortinet Community Team
vpatil
Staff
Staff

@suportewispot 

 

If the Captive Portal page is hosted on an External Authentication Server (RADIUS) then you could try using RADIUS Accounting to control user's session:

 

https://docs.fortinet.com/document/fortilan-cloud/22.3.0/fortilan-cloud-user-guide/28299/adding-a-ra...

 

vpatil_0-1666883294262.png

 

Currently, I could not find WISPr info in the FortiLAN Cloud docs.

 

vpatil
suportewispot
New Contributor

Hi @vpatil 

 

Thank you for the support.

 

The issue is that accounting is not being sent to our RADIUS, I've already opened a ticket about it.

 

But, for a vendor to understand these sessions manipulations, I need to know what attributes that vendor operates on

 

As you can see in Cisco Meraki, for example:

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Configuring_RADIUS_Au...

suportewispot_0-1666884533119.png

 

 

vpatil

@suportewispot 

 

1. I'm assuming that you've already added the following FortiLAN Cloud servers in the allowed list as clients to access the RADIUS server:

  • Global server - 173.243.132.78
  • EU server - 154.52.10.243
  • JP server - 173.243.132.207

https://docs.fortinet.com/document/fortilan-cloud/22.3.0/fortilan-cloud-user-guide/28299/adding-a-ra...

 

2. Yes, a support ticket would be better to check further as to what RADIUS attributes the FortiLAN Cloud servers (RADIUS Client) support.

vpatil
Labels
Top Kudoed Authors