0 оценок0% нашли этот документ полезным (0 голосов)
113 просмотров7 страниц
Guest users use web applications and authenticate through a portal using a web browser. The receptionist for the company is provided a limited access admin account to distribute temporary password access to the wireless network.
Guest users use web applications and authenticate through a portal using a web browser. The receptionist for the company is provided a limited access admin account to distribute temporary password access to the wireless network.
Guest users use web applications and authenticate through a portal using a web browser. The receptionist for the company is provided a limited access admin account to distribute temporary password access to the wireless network.
2. Add wi guest users 3. Create an SSID using a captive portal 4. Add rewall addresses 5. Add security policies 6. Add a limited administrative role for the receptionist 7. Results Setting up guest wif users with a captive portal In this example, a FortiGate unit provides your offce with wired networking, but guest users use laptops and mobile devices. These devices need secure WiFi access to both the offce network and the Internet. Guest users use web applications and authenticate through a portal using a web browser. The receptionist for the company is provided a limited access admin account to distribute temporary password access to the wireless network. FortiGate Wireless network 10.10.10.1/24 FortiAP Internet WAN 1 172.20.120.23 DMZ 10.10.80.99/24 Internal 192.168.1.99/24 Internal network 61 Step One: Authorize the FortiAP over the DMZ interface Step Two: Add wif guest users Go to System > Network > Interface. Set the DMZ interface to be dedicated to FortiAP connections. Go to User & Device > User > User Group. Create guest wif users group. Connect the FortiAP to the DMZ interface and go to WiFi Controller > Managed Access Points > Managed FortiAP to authorize the FortiAP. 62 Step Three: Create an SSID using a captive portal Step Four: Add frewall addresses Go to WiFi Controller > WiFi Network > SSID. Create new SSID using captive portal. Go to Firewall Objects > Address > Address. Create addresses for internal wired network and guest wif users. 63 Step Five: Add security policies Go to Policy > Policy > Policy. Create a security policy allowing wif guest users accessing the internal network. Create a security policy allowing wif guest users accessing the Internet. 64 Step Six: Add a limited administrative role for the receptionist Go to System > Admin > Admin Profle. Create a limited admin profle allowing the receptionist to create new guest users. Go to System > Admin > Administrators. Create a new admin account for the receptionist using the new limited profle. 65 Results When a guest requires access to the wireless network, the company receptionist logs into the FortiGate unit with their account. The administrator needs to create guest user names on the FortiGate unit. Once logged in, they go to User & Device > User > Guest Management and create new user id. The FortiGate unit generates a password for the user. This password is only valid for four hours. Once this information is provided to the guest user, they can log in through the captive portal on the authentication page. 66 To verify that guest user logged in successfully, go to WiFi Controller > Monitor > Client Monitor. Once authenticated, guest users can surf on the internet and can also access resources in the internal wired network. Go to Policy > Monitor > Policy Monitor and verify active sessions. Select one of the bars for more information.