FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
bmeta
Staff
Staff
Article Id 196620

Description

 

This article describes how to configure the keepalive page to show on a user configuration when the user accesses the internet.

Solution

 

By default, the authentication portal expires after the login prompt. To maintain a session of portal page and achieve a logout feature, it is possible to enable the keepalive feature through a global setting.

 

Authentication keeps alive is disabled by default. Enable it in a global setting via CLI.

 

# config system global

    set auth-keepalive enable

end

 

Aftter the login attempt, keepalive with the logout button will be displayed. The session time depends on the users setting and global settings.

 

Anthony_E_1-1673418944190.png

 

It is possible to modify user auth timeout and session time for more granularity.

 

# config user setting

    set auth-cert "Fortinet_Factory"

    set auth-on-demand always

    set auth-timeout 1440

    set auth-timeout-type new-session

end

 

# config sys global

(global) set auth-session-limit block-new 

block-new          <----- Block new user authentication attempts.

logout-inactive    <----- Logout the most inactive user authenticated sessions.

 

It is possible to view the authenticated user inside Dashboard 'User & Device' on a Firewall Users section.

 

Anthony_E_2-1673418944193.png