Fortinet white logo
Fortinet white logo

Administration Guide

Portal configuration - version 1 settings

Portal configuration - version 1 settings

Version 1 settings tab allows you to configure the how portal pages appear in the web browser if you are using legacy portal pages.

This tab is only available if Use Portal Version 1 is enabled on the Portal Configuration view. It controls which portal pages are used when network users log onto your network. Portal Version 1 represents existing portal pages created when you originally set up FortiNAC. Disabling the Portal Version 1 pages enables pages that are distributed with FortiNAC that can be edited using the Content Editor.

Properties Settings in this window include:

  • Labels — Displays a text label below the portal page header.
  • Images — Displays an image in the portal page header at the top of the page.
  • Links — Specifies a web page that displays in the browser when the login credentials are successfully authenticated.
Settings

Field

Definition

Portal Settings

Web Page Label

Banner that displays at the top of the portal page when a user attempts to connect to the network.

Web Page Footer

Text that displays across the bottom of the portal page when a user attempts to connect to the network.

Upload Image Button

Browse for and upload an image to display on the portal page.

Home Page URL for Successful Registration

URL to which the users are directed when they have successfully registered. Copy this URL into a browser to verify that the correct page is displayed.

Resolve URL button

Resolves the IP of the URL selected for the Home Page.

Standard User Authentication

Authentication Type

Valid users are allowed to access certain network areas on a regular basis. Choose from three authentication types:

Local—Validates the user to a database on the local FortiNAC appliance.

LDAP—Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory. See Directories for configuration information.

RADIUS—Validates the user to a RADIUS server.

Caution

PAP encryption must be set up on the RADIUS server for encryption/decryption of user names and passwords that are sent to and from FortiNAC, such as the user name and password for the Validation Account used for communication between FortiNAC and the RADIUS server.

Note

If you are not using Version 1 Portal Pages, authentication type is set in the Content Editor under Global > Settings > Standard User Authentication Type.

  1. Select System > Portal Configuration.
  2. Click the Version 1 Settings tab. This tab is only displayed if the Use Portal Version 1 option is enabled on the Portal Configuration view.
  3. Under the Portal Settings section, enter a text label into the Web Page Label field. This label displays below the header image on your portal pages. Typically, this is the name of the company or organization.
  4. Enter a text label into the Web Page Footer field. This label displays at the bottom of your portal pages, such as "For assistance, contact the help desk.".
  5. To display an image on your portal page, click the Upload Image button. Navigate to the image file and select it.
  6. To specify a web page for successful registration, enter a URL in the Home Page URL for Successful Registration field.

    Note

    Cut and paste the link into a browser to verify that the URL directs you to the correct page.

  7. Click the Resolve URL button. The URL resolves to an IP. The IP address of the URL is entered into the field.
  8. The Standard User Authentication section determines how users are authenticated.
  9. Click Apply.

Enable the common account

Note

The Common Account is only available if the Use Portal Version 1 option is enabled on the Portal Configuration view. The Common Account can only be used with legacy portal pages.

Allows you to configure a generic or common account for visitors. If you check Enable in the Common Account section, visitors view a different login screen and do not enter a user name and password. The visitor enters only predefined information, such as first name, last name, telephone number, and so on. To be authenticated, the visitor uses the default user name and password that you specify in the Common Account section.

Configure the following parameters for Common accounts:

  • Enable — Enables default user name and password for guest access.
  • User Name — Specifies a default user name for the default guest account. You may choose a user name such as defaultguest to easily identify the statistics of all default guests.
  • Password — Specifies a default password for the default guest accounts. The guest does not enter this password. FortiNAC uses this password internally to authenticate the guest to an existing user entry.

  1. Select System > Portal Configuration.
  2. Click on the Version 1 Settings tab.
  3. In the Common Account section of the window select the Enable check box.
  4. Enter a default user name into the User Name field.
  5. Enter a default password into the Password field.
  6. Click Apply.

Reserved portal page file names

If you choose to create your own pages for the portal, you must avoid using any of the following file names. Files with the names listed below are used by FortiNAC for the pages distributed with the program. These files should never be modified outside of the Portal Configuration Content Editor. Future upgrades could overwrite those changes.

  • AgentDownload2.jsp
  • CustomLogin.jsp
  • Disagree.jsp
  • Error.jsp
  • ExternalLogOff.jsp
  • Fail.jsp
  • FailureInfo.jsp
  • FindMac.jsp
  • GameRegister.jsp
  • GuestLoginGCS.jsp
  • index-authentication.jsp
  • index-deadEnd.jsp
  • index-hub.jsp
  • index-registration.jsp
  • index-remediation.jsp
  • index-vpn.jsp
  • Instructions.jsp
  • LoginMenu.jsp
  • LogOff.jsp
  • LogOffSuccess.jsp
  • Policy.jsp
  • PortalIndex.jsp
  • RemoteScan.jsp
  • RemoteSuccess.jsp
  • RemRedirect.jsp
  • Success.jsp
  • ValidUserLogin.jsp
  • VPNLogin.jsp

Anything starting with portalCommon should be avoided.

portalCommon/**

Portal configuration - version 1 settings

Portal configuration - version 1 settings

Version 1 settings tab allows you to configure the how portal pages appear in the web browser if you are using legacy portal pages.

This tab is only available if Use Portal Version 1 is enabled on the Portal Configuration view. It controls which portal pages are used when network users log onto your network. Portal Version 1 represents existing portal pages created when you originally set up FortiNAC. Disabling the Portal Version 1 pages enables pages that are distributed with FortiNAC that can be edited using the Content Editor.

Properties Settings in this window include:

  • Labels — Displays a text label below the portal page header.
  • Images — Displays an image in the portal page header at the top of the page.
  • Links — Specifies a web page that displays in the browser when the login credentials are successfully authenticated.
Settings

Field

Definition

Portal Settings

Web Page Label

Banner that displays at the top of the portal page when a user attempts to connect to the network.

Web Page Footer

Text that displays across the bottom of the portal page when a user attempts to connect to the network.

Upload Image Button

Browse for and upload an image to display on the portal page.

Home Page URL for Successful Registration

URL to which the users are directed when they have successfully registered. Copy this URL into a browser to verify that the correct page is displayed.

Resolve URL button

Resolves the IP of the URL selected for the Home Page.

Standard User Authentication

Authentication Type

Valid users are allowed to access certain network areas on a regular basis. Choose from three authentication types:

Local—Validates the user to a database on the local FortiNAC appliance.

LDAP—Validates the user to a directory database. FortiNAC uses the LDAP protocol to communicate to an organization’s directory. See Directories for configuration information.

RADIUS—Validates the user to a RADIUS server.

Caution

PAP encryption must be set up on the RADIUS server for encryption/decryption of user names and passwords that are sent to and from FortiNAC, such as the user name and password for the Validation Account used for communication between FortiNAC and the RADIUS server.

Note

If you are not using Version 1 Portal Pages, authentication type is set in the Content Editor under Global > Settings > Standard User Authentication Type.

  1. Select System > Portal Configuration.
  2. Click the Version 1 Settings tab. This tab is only displayed if the Use Portal Version 1 option is enabled on the Portal Configuration view.
  3. Under the Portal Settings section, enter a text label into the Web Page Label field. This label displays below the header image on your portal pages. Typically, this is the name of the company or organization.
  4. Enter a text label into the Web Page Footer field. This label displays at the bottom of your portal pages, such as "For assistance, contact the help desk.".
  5. To display an image on your portal page, click the Upload Image button. Navigate to the image file and select it.
  6. To specify a web page for successful registration, enter a URL in the Home Page URL for Successful Registration field.

    Note

    Cut and paste the link into a browser to verify that the URL directs you to the correct page.

  7. Click the Resolve URL button. The URL resolves to an IP. The IP address of the URL is entered into the field.
  8. The Standard User Authentication section determines how users are authenticated.
  9. Click Apply.

Enable the common account

Note

The Common Account is only available if the Use Portal Version 1 option is enabled on the Portal Configuration view. The Common Account can only be used with legacy portal pages.

Allows you to configure a generic or common account for visitors. If you check Enable in the Common Account section, visitors view a different login screen and do not enter a user name and password. The visitor enters only predefined information, such as first name, last name, telephone number, and so on. To be authenticated, the visitor uses the default user name and password that you specify in the Common Account section.

Configure the following parameters for Common accounts:

  • Enable — Enables default user name and password for guest access.
  • User Name — Specifies a default user name for the default guest account. You may choose a user name such as defaultguest to easily identify the statistics of all default guests.
  • Password — Specifies a default password for the default guest accounts. The guest does not enter this password. FortiNAC uses this password internally to authenticate the guest to an existing user entry.

  1. Select System > Portal Configuration.
  2. Click on the Version 1 Settings tab.
  3. In the Common Account section of the window select the Enable check box.
  4. Enter a default user name into the User Name field.
  5. Enter a default password into the Password field.
  6. Click Apply.

Reserved portal page file names

If you choose to create your own pages for the portal, you must avoid using any of the following file names. Files with the names listed below are used by FortiNAC for the pages distributed with the program. These files should never be modified outside of the Portal Configuration Content Editor. Future upgrades could overwrite those changes.

  • AgentDownload2.jsp
  • CustomLogin.jsp
  • Disagree.jsp
  • Error.jsp
  • ExternalLogOff.jsp
  • Fail.jsp
  • FailureInfo.jsp
  • FindMac.jsp
  • GameRegister.jsp
  • GuestLoginGCS.jsp
  • index-authentication.jsp
  • index-deadEnd.jsp
  • index-hub.jsp
  • index-registration.jsp
  • index-remediation.jsp
  • index-vpn.jsp
  • Instructions.jsp
  • LoginMenu.jsp
  • LogOff.jsp
  • LogOffSuccess.jsp
  • Policy.jsp
  • PortalIndex.jsp
  • RemoteScan.jsp
  • RemoteSuccess.jsp
  • RemRedirect.jsp
  • Success.jsp
  • ValidUserLogin.jsp
  • VPNLogin.jsp

Anything starting with portalCommon should be avoided.

portalCommon/**