Captive portals
A captive portal is a convenient way to authenticate web users on wired or WiFi networks. This section describes:
- Introduction to Captive Portals
- Configuring a captive portal
- Customizing captive portal pages
Introduction to Captive Portals
You can authenticate your users on a web page that requests the user’s name and password. Until the user authenticates successfully, the authentication page is returned in response to any HTTP request. This is called a captive portal.
After successful authentication, the user accesses the requested URL and can access other web resources, as permitted by security policies. Optionally, the captive portal itself can allow web access to only the members of specified user group.
The captive portal can be hosted on the FortiGate unit or on an external authentication server. You can configure captive portal authentication on any network interface, including WiFi and VLAN interfaces.
When a captive portal is configured on a WiFi interface, the access point initially appears open. The wireless client can connect to the access point with no security credentials, but sees only the captive portal authentication page.
WiFi captive portal types:
- Authentication — until the user enters valid credentials, no communication beyond the AP is permitted.
- Disclaimer + Authentication — immediately after successful authentication, the portal presents the disclaimer page—an acceptable use policy or other legal statement—to which the user must agree before proceeding.
- Disclaimer Only — the portal presents the disclaimer page—an acceptable use policy or other legal statement—to which the user must agree before proceeding. The authentication page is not presented.
- Email Collection — the portal presents a page requesting the user’s email address, for the purpose of contacting the person in future. This is often used by businesses who provide free WiFi access to their customers. The authentication page is not presented.
I don’t see the option for captive portal->email collection on FortiOS 5.6 in a FortiGate 60E… Any advice
hello
i want to add a short video in the portal captive authentification page is it possible to do it using fortipresence. or any other fortinet product
thanks for help
Any idea if you can trigger the portal for only certain websites or URLs? I’d like to block access to my management servers via a portal (say, if a user connects to anything in 172.35.0.2/24). However, if they are off to the internet, I don’t want to show them a portal.