Configuring Captive Portal
Captive Portal configurations for wireless access to visitors are to be accomplished on both FortiPresence VM and FortiGate/FortiAPCloud/FortiWLC based on the deployed access points. You are required to configure RADIUS profiles for authentication and specify the Fully Qualified Domain Names (FQDN URL) that will be exempted and enabled to process social WiFi login. For example, to allow Facebook login, enter www.facebook.com. The list of FQDNs are available on the FortiPresence VM GUI – Portal > Portal Settings > RADIUS Clients.
Note: The RADIUS server/FortiPresence Connect IP address is the Application server IP address. Port 1812 is used for authentication and 1813 for accounting.
This section describes the Captive Portal configurations on the FortiGate/FortiAPCloud/FortiWLC. Prior to configuring Captive Portal ensure the following:
- Sites are created – See Site Management
- Portals are configured on FortiPresence VM – See Portal Management.
Follow this procedure to create RADIUS clients on FortiPresence VM.
- On the FortiPresence VM GUI navigate to Portal > Portal Settings > Radius Clients to create a RADIUS client for the public IP address of the FortiAPCloud.
- Enter the RADIUS Client Name, RADIUS Client IP, RADIUS Secret Key, and select the Device Type as FortiGate/FortiAPCloud/FortiWLC. Click Add.
For FortiAPCloud setups:
Configure the RADIUS Client IP address based on your region. For the latest RADIUS client IP address, navigate to FortiAP Network > Configure > SSID on the FortiAPCloud GUI.
FortiAPCloud Global – 173.243.132.77
FortiAPCloud Europe – 81.201.100.238
FortiAPCloud Japan – 173.243.132.207
Configure the Project Secret Key to fortipresence. - Navigate to Portal Management and select the site to attach the configured RADIUS client.
- Select Radius Configuration and click Attach against the RADIUS client created for FortiAPCloud. The captive portal URL is generated.