Configure Captive Portal Pass-through
KB Article Type: Configuration
RELATED PRODUCTS: controller
RELATED SOFTWARE VERSIONS: N/A
KEYWORDS: controller, captive portal, security, Pass-through
CONFIGURATION STEPS:
To enable the pass-through firewall filter ID, follow these steps:
GUI Steps:
Step 1 : Click "Configuration" tab >> "Security" >> "Profile".
Step 2 : Create a "Security profile" with “L2 modes allowed” as "Clear” and also enable captive portal by selecting “WebAuth”
Step 3 : Set the “Allow mentioned IP/Subnet to pass through Captive portal” field by entering an IP address for VPN/IPSec filtering/pass-through. When users log in to VPN, the browser-based Captive Portal login page is bypassed.
Step 4 : Set the “Subnet Mask for allowed IP/Subnet to pass through Captive portal” field by entering the subnet mask for the pass-through IP address.
Step 5 : Create a new "ESS profile" and map the ESS profile to the above created security profile.
CLI Steps:
To Configure the Security and ESS profile:
MeruController1# configure terminal
MeruController1(config)# security-profile <security profile name>
MeruController1(config-security)# allowed-l2-modes clear
MeruController1(config-security)# captive-portal webauth
MeruController1(config-security)#captive-portal-passthru
<ip_addr subnet_mask of the network that needs to pass thru without
captive-portal authentication>
MeruController1(config-security)# exit
MeruController1(config)# essid <ess profile name>
MeruController1(config-essid)# security-profile <security profile name>
MeruController1(config-essid)# exit
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.