Configuring Internet access for guests with mobile devices
Guest devices have access only to the Internet. You need a device policy that allows traffic to flow from the WiFi SSID to the Internet interface. Within that policy, you need an authentication rules to allow access for the various types of devices.
To create the device policy
1. Go to Policy > Policy > Policy and select Create New.
2. Enter the following information:
Policy Type | Firewall |
Policy Subtype | Device Identity |
Incoming Interface | byod-example |
Source Address | all |
Outgoing Interface | wan1 |
Enable NAT | Enable. |
You are now ready to create the authentication rule.
To create the authentication rule
1. In Configure Authentication Rules, select Create New and enter:
Destination Address | all |
Device | Device or Device Group |
Compliant with Endpoint Profile | not selected |
Schedule | always |
Service | ALL |
Action | ACCEPT |
2. Select OK.
3. If asked, confirm that you accept FortiOS will enable device identification on the source interface.
The rule is now configured.
4. Select OK to complete configuration of the security policy.