FORTIGATE VM INSTALL GUIDE MAC
Usually the MAC address will be printed on a label on the device itself. The last step is to add the MAC address(es) to the Social WiFi platform. The setup of the controller is now finished. Social WiFi (the interface created or edited in the previous point) Go to Policy & Objects → IPv4 Policy → Create New and use the following settings: Name
You need to allow for traffic from guests using the WiFi, because the default policy is to deny all traffic. Then use the following settings: Authentication Portal Scroll down to Admission Control section from the Security Mode dropdown, pick Captive Portal. If the interface hasn’t been configured before, follow the basic interface configuration from the previous step, to configure IP address and DHCP server. Go to Network → Interfaces and double-click on the interface that you want to install Social WiFi on. In this scenario those access points don’t have to be managed by the FortiGate unit. You can also run Social WiFi on a wired, physical interface and plug access points there. Interface configuration (wired interface) Social WiFi (or any name that you prefer)ĥb. Should be prefilled, if not, use 255.255.0.0 If you already have an exisiting WiFi network, edit it accordingly instead (you can skip to the “WiFi Settings” part). Go to WiFi & Switch Controller → SSID → Create New → SSID and use the following settings. Set member "Social WiFI - main" "Social WiFI - Facebook pixel" "Social WiFI - Google tag" "Social WiFi - Google" "Social WiFi - Facebook" "Social WiFi - Twitter" "Social WiFi - LinkedIn"ĥa. Set member "Social WiFi - LinkedIn 1" "Social WiFi - LinkedIn 2" "Social WiFi - LinkedIn 3" "Social WiFi - LinkedIn 4" Set member "Social WiFi - Twitter 1" "Social WiFi - Twitter 2" "Social WiFi - Twitter 3" "Social WiFi - Twitter 4" "Social WiFi - Twitter 5" Set member "Social WiFi - Facebook 1" "Social WiFi - Facebook 2" "Social WiFi - Facebook 3" "Social WiFi - Facebook 4" Set member "Social WiFi - Google 1 - regional" "Social WiFi - Google 2" "Social WiFi - Google 3" "Social WiFi - Google 4" "Social WiFi - Google 5" "Social WiFi - Google 6" "Social WiFi - Google 7" Set member "Social WiFi - Google tag 1" "Social WiFi - Google tag 2" "Social WiFi - Google tag 3" Set member "Social WiFi - Facebook pixel 1" "Social WiFi - Facebook pixel 2" Set member "Social WiFi - main 1" "Social WiFi - main 2" Please edit the “Social WiFi – Google 1 – regional” value below accordingly, e.g. Note: A regional Google domains according to your geogrpahic location has to be added to make Google login work. Please note, that the script is split into two parts, because there’s a length limit that cannot be exceeded. The suggested way to add all required entries, is to use the CLI again to copy (ctrl+C) and paste (ctrl+V) the following scripts. Using wildcards was added in firmware 6.2.2, so if you have that version or higher, you may adjust the following steps accordingly. The following guide assumes firmware version 5.6.2, which doesn’t support domains with wildcard (e.g. This list includes Social WiFi login page and third-party social login services (like Facebook, Google). Now we need to add all the services that will be available without logging in. Click OK to save and then click OK again. Under Remote Groups, click Add and then select Social WiFi from the Remote Server dropdown list. Go to User & Device → User Groups → Create New and use the following settings: Name
Then close the CLI console by clicking the “x” button in the top right corner. Open the CLI Console (top right corner, between “help” and your username).Ĭopy (ctrl+C) and paste (ctrl+V) or type the following commands:
Now you need to change the RADIUS port to 31812.
Radius Secret is available in Access Points tab of the Social WiFi Panel Go to User & Device → RADIUS Servers → Create New and use the following settings: Name The screenshots are based on firmware v5.6.2.Īlternatively, if your device is managed from FortiCloud, you can access the management UI from there. This guide assumes using the web based UI of the controller, which you can access by entering the IP address of the device in your browser. FortiOS version 5.6.0 and above work if the captive portal is enabled on a physical interface, VLAN interfaces are not supported below FortiOS 6.2.4ġ.recommended: FortiOS version 6.2.4 and above (tested up to 7.0.1).FortiOS version 5.6.0 and above (tested up to 7.0.1)įortiGate hardware or virtual machine – wired interfaces.Social WiFi has been tested and is proven to work on the following configurations: FortiWiFi – wireless interfaces
0 kommentar(er)
