Answer is A
FortiGate_Security_7.2 page 166
Captive portal will not allow traffic without valid authentication. It happen at interface level, before firewall policy
configure on Fortigate:
- captive portal authentication required
- Authentication failed message for Sales users
- Authentication success for HR users
- second policy used by HR users
Interface LAN (port3) is configured to authenticate and only allow HR to access. " All users will be prompted for authentication, users from the HR group can authenticate successfully with the correct credentials
Answer is A
Not B: "Alternatively, only on the CLI, you can change the auth-on-demand option to always. This instructs FortiGate to trigger an authentication request, if there is a firewall policy with active authentication enabled. In this case, the traffic is allowed until authentication is successful."
A. All users will be prompted for authentication; users from the HR group can authenticate successfully with the correct credentials.
FortiGate Security 7.2 Study Guide (p.166):
"If you want to have all users connect to a specific interface, then it is better to enable captive portal authentication at the interface level. This way, all devices must authenticate before they are allowed to access any resources."
Reference and download study guide:
https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Halmonte0780
Highly Voted 1 year, 9 months agoAMK2ENG
Most Recent 1 year, 4 months agolaberitcanarias
1 year, 7 months agoraydel92
1 year, 7 months agoazmiit
1 year, 8 months agoSreput33
1 year, 8 months ago[Removed]
1 year, 9 months agoTakumi
1 year, 9 months ago