Re: Captive portal attached to an interface but after authentication browser go loop
I need to warm up this thread a little bit.
In our company we are running a cluster of 2 Fortigate 800D running 6.0.5 with FSSO configured (preferred method of authentication) and an LDAP user authentication as a fallback solution in case the FSSO doesn't work.
Now we are facing a similar issue like the thread starter when some (randomly picked) users are authenticating against LDAP over the captive portal. The users try to access the internet, LDAP authentication page appears, users type in their valid user credentials and press enter. Now the authentication keepalive is active and they should be able to browse the internet by opening a new tab/window. Unfortunately, doing so results in the very same authentication keepalive page opening up over and over again with every new tab. Accessing the internet isn't possible this way.
Now the solution mentioned by thende seems just to be the way to go for me but I'm a little afraid to enter this command as I am unaware of the impact it would have. Currently we have roughly 1,900 authenticated users passing through the firewall and I'd really like to avoid kicking all of them out by entering this command ;-)
Long story short: What kind of impact can be expected by entering this command in total?
Since we upgraded from 5.4.10 to 5.6.9 to 6.0.5 in one day only two weeks ago and "set auth-src-mac" was disabled all the time in our previous running version 5.4.10, I don't think I would disable a very important feature. Nevertheless I'd like to know as much as possible about the expected impact on the users and the whole Fortigate cluster.
Really appreciate your input, thanks a lot and best regards!