Cookbook

• EAP-TLS authentication
  • Wired 802.1x EAP-TLS with computer authentication
    • Active Directory prerequisites
    • Configuring the certificates
    • Manually importing the client certificate - Windows 10
    • Configuring the FortiAuthenticator AD server
    • Configuring the user group
    • Configuring remote user sync rules
    • Configuring the FortiAuthenticator RADIUS client
    • Configuring the switch
    • Results
  • Wireless 802.1x EAP-TLS with computer authentication
    • Active Directory prerequisites
    • Configuring the certificates
    • Manually importing the client certificate - Windows 10
    • Configuring the Intel PROSet Supplicant - Windows 10
    • Configuring the FortiAuthenticator AD server
    • Configuring the user group
    • Configuring remote user sync rules
    • Configuring the FortiAuthenticator RADIUS client
    • Configuring the FortiWiFi
    • Results
  • Wireless 802.1x EAP-TLS with user authentication
    • Configuring the certificates
    • Manually importing the client certificate - Windows 10
    • Configuring the FortiAuthenticator AD server
    • Configuring the user group
    • Configuring remote user sync rules
    • Configuring the FortiAuthenticator RADIUS client
    • Configuring the FortiWiFi
    • Results
• FortiToken and FortiToken Mobile
  • FortiToken Mobile Push for SSL VPN
    • Adding a FortiToken to the FortiAuthenticator
    • Adding the user to the FortiAuthenticator
    • Creating the RADIUS client on the FortiAuthenticator
    • Connecting the FortiGate to the RADIUS server
    • Configuring the SSL VPN
    • Results
• Guest Portals
  • FortiAuthenticator as Guest Portal for FortiWLC
    • Creating the FortiAuthenticator as RADIUS server on the FortiWLC
    • Creating the Captive Portal profile on the FortiWLC
    • Creating the security profile on the FortiWLC
    • Creating the QoS rule on the FortiWLC
    • Creating the ESS Profile on the FortiWLC
    • Creating FortiWLC as RADIUS Client on the FortiAuthenticator
    • Creating the Guest Portal on the FortiAuthenticator
    • Creating the Portal Rule on the FortiAuthenticator
    • Results
• MAC authentication bypass
  • MAC authentication bypass with dynamic VLAN assignment
    • Configuring MAC authentication bypass on the FortiAuthenticator
    • Configuring the user group
    • Configuring the RADIUS client
    • Configuring the 3rd-party switch
    • Results
• SAML authentication
  • SAML 2.0 FSSO with FortiAuthenticator and Centrify
    • Configuring DNS and FortiAuthenticator's FQDN
    • Enabling FSSO and SAML on the FortiAuthenticator
    • Adding SAML connector to Centrify for IdP metadata
    • Importing the IdP certificate and metadata on the FortiAuthenticator
    • Uploading the SP metadata to the Centrify tenant
    • Configuring FSSO on the FortiGate
    • Configuring captive portal and security policies
    • Results
  • SAML 2.0 FSSO with FortiAuthenticator and Google G Suite
    • Configuring FSSO and SAML on the FortiAuthenticator
    • Configuring SAML on G Suite
    • Importing the IdP certificate and metadata on the FortiAuthenticator
    • Configuring FSSO on the FortiGate
    • Configuring Captive Portal and security policies
    • Results
  • SAML 2.0 FSSO with FortiAuthenticator and Okta
    • Configuring DNS and FortiAuthenticator's FQDN
    • Enabling FSSO and SAML on the FortiAuthenticator
    • Configuring the Okta developer account IDP application
    • Importing the IDP certificate and metadata on the FortiAuthenticator
    • Configuring FSSO on the FortiGate
    • Configuring Captive Portal and security policies
    • Results
• Self-service Portal
  • FortiAuthenticator user self-registration
    • Creating a self-registration user group
    • Enabling self-registration
    • Creating a new SMTP server
    • Results - Self-registration
    • Results - Administrator approval
• VPNs
  • SSL VPN with RADIUS and FortiToken
    • Creating a user and a user group
    • Creating the RADIUS client
    • Connecting the FortiGate to FortiAuthenticator
    • Allowing users to connect to the VPN
    • Results
• Legacy
  • Social WiFi captive portal
    • Social WiFi captive portal with FortiAuthenticator (Facebook)
      • Configuring the Facebook developer account API
      • Configuring the social portal RADIUS service on the FortiAuthenticator
      • Configuring the FortiGate authentication settings
      • Configuring the FortiGate WiFi settings
      • Configuring the FortiGate to allow access to Facebook
      • Configuring the FortiGate to allow access to the FortiAuthenticator
      • Results
    • Social WiFi captive portal with FortiAuthenticator (Form-based)
      • Configuring the social portal RADIUS service on the FortiAuthenticator
      • Configuring the FortiGate authentication settings
      • Configuring the FortiGate WiFi settings
      • Configuring the FortiGate to allow access to the FortiAuthenticator
      • Results
    • Social WiFi captive portal with FortiAuthenticator (Google+)
      • Configuring the Google+ developer account API
      • Configuring the social portal RADIUS service on the FortiAuthenticator
      • Configuring the FortiGate authentication settings
      • Configuring the FortiGate WiFi settings
      • Configuring the FortiGate to allow access to Google
      • Configuring the FortiGate to allow access to the FortiAuthenticator
      • Results
    • Social WiFi captive portal with FortiAuthenticator (LinkedIn)
      • Configuring the LinkedIn developer account API
      • Configuring the social portal RADIUS service on the FortiAuthenticator
      • Configuring the FortiGate authentication settings
      • Configuring the FortiGate WiFi settings
      • Configuring the FortiGate to allow access to LinkedIn
      • Configuring the FortiGate to allow access to the FortiAuthenticator
      • Results
    • Social WiFi captive portal with FortiAuthenticator (Twitter)
      • Configuring the Twitter developer account API
      • Configuring the social portal RADIUS service on the FortiAuthenticator
      • Configuring the FortiGate authentication settings
      • Configuring the FortiGate WiFi settings
      • Configuring the FortiGate to allow access to Twitter
      • Configuring the FortiGate to allow access to the FortiAuthenticator
      • Results
• Change log