FortiWLC – OAuth Authentication Support

OAuth Authentication Support

FortiWLC (SD) along with Fortinet Connect (MCT) 14.10.0.2 supports OAuth authentication for captive portal users. In a typical scenario if a user (for example: a hotel guest) tries to access an external web site, they are re-directed to a captive portal page for authentication. In

OAuth Authentication Support

the captive portal page, the user must register with a username, password, e-mail etc and complete the authentication process after receiving confirmation from the hotel captive portal.

  • OAuth support must be enabled in the Fortinet Connect
  • Only wireless clients that access SSL3 enabled (HTTPS) destination can use this feature
  • If the wireless client uses a proxy server located on the wired network, then the client will be granted access to the internet till the login timeout expires.
  • Supported only for ESS profiles in tunneled mode.
  • Supported only for IPv4 clients.

By enabling OAuth, users can use any of the social media (Facebook, Google, Twitter, OpenID, etc) login credentials that support OAuth for captive portal authentication. For your users, this alleviates the need to spend time to register or remember passwords for repeated authentication.

This entry was posted in Administration Guides, FortiWLC on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.