Description
Solution
This article explains how to display an authentication web page instead of a simple browser pop-up for user authentication.
It is assumed that user authentication has been enabled and that users are getting a browser pop-up to login instead of the web page for the captive portal.
It is assumed that user authentication has been enabled and that users are getting a browser pop-up to login instead of the web page for the captive portal.
Solution
In order to show an authentication web page it is necessary to configure the following parameter on the user setting:
After that the users will get the authentication web page:
Enable or disable support for HTTP basic authentication for identity-based firewall policies.
HTTP basic authentication usually causes a browser to display a pop-up authentication window instead of displaying an authentication web page. Some basic web browsers, for example, web browsers on mobile devices, may only support HTTP basic authentication.
# config user setting
# show full-configuration
set auth-type http https ftp telnet
set auth-cert "Fortinet_CA_SSLProxy"
set auth-ca-cert "Fortinet_CA_SSLProxy"
set auth-secure-http enable
set auth-http-basic enable <<<<<<<<<<
set auth-multi-group enable
set auth-timeout 300
set auth-timeout-type idle-timeout
set radius-ses-timeout-act hard-timeout
set auth-blackout-time 0
set auth-invalid-max 5
set auth-lockout-threshold 3
set auth-lockout-duration 0
end
# config user setting
# set auth-http-basic disable <<<<<<<<<<
# end
After that the users will get the authentication web page:
Enable or disable support for HTTP basic authentication for identity-based firewall policies.
HTTP basic authentication usually causes a browser to display a pop-up authentication window instead of displaying an authentication web page. Some basic web browsers, for example, web browsers on mobile devices, may only support HTTP basic authentication.
