Configuring FortiAnalyzer
On the FortiAnalyzer, you need to configure the RADIUS server and create an administrator that uses the RADIUS server for authentication.
To configure the RADIUS server:
- Go to System Settings > Admin > Remote Authentication Server.
- Click Create New > RADIUS Server in the toolbar.
- Configure the following settings, then click OK.
Name
Enter a name to identify the FortiAuthenticator.
Server Name/IP
Enter the IP address or fully qualified domain name of your FortiAuthenticator.
Port
Enter the port for FortiAuthenticator traffic.
Server Secret
Enter the FortiAuthenticator secret.
Secondary Server Name/IP
Enter the IP address or fully qualified domain name of the secondary FortiAuthenticator, if applicable.
Secondary Server Secret
Enter the secondary FortiAuthenticator secret, if applicable.
Authentication Type
Select the authentication type the FortiAuthenticator requires. If you select the default ANY, FortiAnalyzer tries all authentication types.
Note: RADIUS server authentication for local administrator users stored in FortiAuthenticator requires the PAP authentication type.
To create the administrator:
- Go to System Settings > Admin > Administrator.
- Click Create New from the toolbar.
- Configure the settings, selecting the previously added RADIUS server from the RADIUS Server dropdown list. See Creating administrators.
- Click OK to save the settings.
To test the configuration:
- Attempt to log in to the FortiAnalyzer GUI with your new credentials.
- Enter your user name and password and click Login.
- Enter your FortiToken pin code and click Submit to log in to the FortiAnalyzer.