hi, i’m working from a fedora 41 pc and i’ve created a rocky linux 8.10 vm without gui on virtualbox, the connection is set in “bridged adapter” (i have to, i cannot set it as NAT) and it’s linked to my pc network. Where i work there is a fortigate that block access on internet before authentication. fortigate links appears in my pc when i open the browser and i searc something (redirect). I would like to go to internet from my vm. do you have any advice? when i try to curl something it always answer with this: curl http://example.com
<html><body><script language=“JavaScript”>window.location=“http://“gatewayIp”:1000/fgtaut
h?05041e9ef3f6d680”;</script></body*></html*>
(i added * so everyone can see the output)
So i can see that also my vm get redirect to the fortigate (everytime the token change).
I would love to know how can i put in a manual way the username and the password and also if it can be done in a automatic way.
thanks
Is the Fortigate being used as a proxy?
The problem here isn’t Rocky, but the way your network is configured to block access without authentication. So the real question is, what is this authentication? Proxy auth? Something else?
everytime i turn on my machine and open a browser (just the first time) i get redirect into a page where i have to validate myself before surf on public internet. The main problem is that i actually don’t know how can i do it from my rocky linux vm. Is there any way to auth my vm from my actually pc while keeping the bridged adapter in rocky vm ?
That is why I asked you is it being used as a proxy to the internet? Because if it is, then you can export http_proxy and https_proxy variables with the login/password.
If you are not using the Fortigate as a proxy then we need more information from you before we can help. Since we don’t know how your Fortigate is configured, and whether it is being used as a proxy or some other form of access control.
When you can clearly inform us of how it is configured, only then can we help. If you don’t know the function of the Fortigate that is being used, you need to ask the people who manage your Fortigate - IT Team or whoever.
It sounds a bit like
Host : Fedora : Fortigate
Guest : Rocky : Host
And Host is supposed to use SAML auth via a web browser, where it connects to fortigate, authenticates, receives a token and then finally connects to the real network, gets a routing table etc.
Once the host is authenticated, it MIGHT be possible that the guest could internetwork via the host.
Typically, the “NATted” setup has the host as router between external and virtual subnets. In that the fortigate would not know anything about the guest as it would talk only with the host.
The “bridged” setup adds the guest to the external subnet directly, so it would have to negotiate with the fortigate to enable connection.
virtualbox. Does the Fedora have libvirt? Rocky does.
Is libvirt/KVM any easier than virtualbox? I don’t know.
Is the hypervisor important for the discussion? Probably not.
The question seems to be:
How to configure Rocky from cli to authenticate/enable/get connection/network from fortigate (i.e. without GUI browser)?
Corollary: Does the fortigate allow multiple machines to get network (simultaneously, with same account)?
With a basic Fortigate configuration (no auth/proxy), none of these problems exists. We still don’t know what Fortigate functionality he is using that is asking for authentication. Could be a multitude of things - proxy, network access control (802.1x), some other type of auth to gain web access.
I have a Fortigate 60F at home with basic functionality enabled. I’d really like to know a lot more detail to be able to provide an answer, since all of us are just guessing right now.
fortigate simply appears when i want to search something outside my network on internet and ask for username and pssword (if i do not auth myself on internet and i try for example to ping devices inside my network i can reach them). Is there any way to go to internet from my rocky linux vm bypassing this issue? maybe cloning the mac address and set something else in my vm network configuration?
Can you tell us how the Fortigate is configured and what feature it is using that is asking you to authenticate? You continue to ignore this question. Sorry, but don’t expect any help on this if you aren’t going to provide the information we ask for. Once we know what feature the Fortigate is using, then we can then suggest a solution. So until you give us this info, there will be no fix to your problem.
actually i don’t know them but i solved it.
Basically i had to set the same ip on my vm and the same mac address and set the same gateway of my phisical pc (same connection i attached to when i set the bridged adapter). When i need connection in that vm i have to accept that connection on my pc is not gonna work. and when i need it i have to turn of that network in my vm or just shutdown the vm..
by the way thanks to all for the help!
1 Like