Security

last person joined: 17 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Captive portal with Fortigate

This thread has been viewed 1 times
  • 1.  Captive portal with Fortigate

    Posted Jan 14, 2018 10:03 AM

    I am trying to create a captive portal page where the users should accept the terms.

     

    At the website of Fortigate I have found the following:

     

    http://cookbook.fortinet.com/using-an-external-captive-portal-for-wifi-security/

     

    The web portal page is a script that gathers the user’s logon credentials and sends back to the FortiGate a POST message of the format https://<FGT_IP>:1000/fgtauth with data magic=session_id&username=<username>&password=<password>. (The magic value was provided in the initial FortiGate request to the web server.) The script used for this example is here.

     

    I have seen that the initial redirect looks something like:

    https://192.168.1.204/guest/fortigate_cp.php?login&post=http://172.16.2.1:1000/fgtauth&magic=030d0d90d699c5a8&usermac=74:da:38:9f:cb:93&apmac=70:4c:a5:5e:3f:24&apip=172.16.2.1&userip=172.16.2.10&ssid=Captive%20portal&apname=FGT51E3U17001115&bssid=00:00:00:00:00:00&_browser=1

     

    So the "magic" id is provided by the initial redirect from the fortigate.

     

    I edited the footer HTML of the captive portal, there you can see that the values are provided as well

    Screen Shot 2018-01-14 at 15.55.04.png

     

    I trying to find a way to send the POST message after the acceptence of the terms.

    So far, I have tried to following:

     

    Screen Shot 2018-01-14 at 15.58.16.pngScreen Shot 2018-01-14 at 15.58.53.png

     

    With no succes.

     

    Does anybody have any iedeas how to populate the POST URL with the right attributes?



  • 2.  RE: Captive portal with Fortigate

    Posted Jan 14, 2018 10:06 PM

    Hi,

     

    have you taken a look at the following document?

     

    Integration with 3rd Party Enforcement Points ClearPass & Fortinet utilizing RESTful API and RADIUS Accounting

     

    https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=18160