Given the configuration shown in the exhibit and the SSID settings which configuration change should the administrator make to fix the problem?

Refer to the exhibits.

Firewall Policy

Examine the firewall policy configuration and SSID settings

An administrator has configured a guest wireless network on FortiGate using the external captive portal The administrator has verified that the external captive portal URL is correct However wireless

users are not able to see the captive portal login page

Given the configuration shown in the exhibit and the SSID settings which configuration change should the administrator make to fix the problem?
A . Disable the user group from the SSID configuration
B . Enable the captivs-portal-exempt option in the firewall policy with the ID 11.
C . Apply a guest.portal user group in the firewall policy with the ID 11.
D . Include the wireless client subnet range in the Exempt Source section

View Answer

Answer: C

Explanation:

According to the FortiGate Administration Guide, “To use an external captive portal, you must configure a user group that uses the external captive portal as the authentication method and apply it to a firewall policy.” Therefore, option C is true because it will allow the wireless users to be redirected to the external captive portal URL when they try to access the Internet. Option A is false because disabling the user group from the SSID configuration will prevent the wireless users from being authenticated by the FortiGate device. Option B is false because enabling the captive-portal-exempt option in the firewall policy will bypass the captive portal authentication for the wireless users, which is not the desired outcome. Option D is false because including the wireless client subnet range in the Exempt Source section will also bypass the captive portal authentication for the wireless users, which is not the desired outcome.