Bypass FortiGate Captive Portal 24 Hours Session limit.

What is it captive portal?

captive portal is a web page accessed with a web browser that is displayed to newly connected users of a Wi-Fi or wired network before they are granted broader access to network resources. Captive portals are commonly used to present a landing or log-in page which may require authentication.

What is it Session Timeout?

Session timeout is a fairly popular option that needs to be used carefully. It is used to determine how long a device may remain authenticated before it must perform authentication again.

By default the authentication timeout is set to 5 minutes.

Argus-fw# show full-configuration user setting

The authentication timeout can be changed globally to maximum of 24 hours.

Argus-fw# config user setting
Argus-fw(setting) # set auth-timeout
<timeout_integer>   The auth time-out range is 1-1440 minutes (24 hours)
Argus-fw(Guest-group) # end

Increase session timeout above the 24 hours limit:

But what if you want your users to authenticate to the company’s wifi once in 3 days or a week.

how do you actually bypass the 24 hour limit.

To bypass this limtation you can set authtimeout <timeout> value by Group and not Global.

In group seeting you can Set the value between 1-43200 (or one minute to thirty days).

The default is set to 0, which sets the timeout to use the global authentication (24Hours).

To change group settings :

Argus-fw # config user group
Argus-fw(group) # edit Guest-group
Argus-fw(Guest-group) # set authtimeout
<integer> The auth time-out range is 0-43200 minutes (0 = use global authtimeout value)
Argus-fw (Guest-group) # end

To view the changes:

Argus-fw $ config user group 

Argus-fw (group) $ get Guest\ Group 
name                : Guest Group
group-type          : firewall 
authtimeout         : 43200
auth-concurrent-override: disable 
http-digest-realm   : 
member              : "menit"

Now all you need to do is to assign the group with the new settings, to your WIFI Configuration.

Author: Meni T.

IT Infrastructure Manager

2 thoughts on “Bypass FortiGate Captive Portal 24 Hours Session limit.”

Leave a Reply to Caterina Hinks Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: