Fortinet black logo

Cookbook

Home FortiAuthenticator 6.2.0 Cookbook

WiFi onboarding using FortiAuthenticator Smart Connect

6.2.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.5.0
Copy Link
Copy Doc ID 502fabff-dbf1-11ea-96b9-00505692583a:771048
Download PDF

WiFi onboarding using FortiAuthenticator Smart Connect

This example demonstrates how to configure WiFi onboarding using FortiAuthenticator Smart Connect with either Google G Suite or Microsoft Azure.

This configuration assumes that you have already configured your FortiAuthenticator following the initial configuration steps available within the FortiAuthenticator Administration Guide. FortiAuthenticator must be version 6.1.1 or higher.

Before starting, you should already have the following available:

  • A registered domain name and functional DNS. This example uses fortixpert.com.
  • A publicly signed wildcard certificate for your domain (for example *.fortixpert.com used to sign MS Azure DS Secure LDAP Connector).
  • A publicly signed host/server certificate for FortiAuthenticator.
  • An active Google G Suite Enterprise or MS Azure subscription, depending on your chosen configuration.
    • Please note: Secure LDAP is not supported using G Suite Business or G Suite Basic subscriptions.
    • An active MS Azure subscription requires AD Directory Services to be provisioned in order to support Secure LDAP.
  • Have the appropriate Fortinet infrastructure in place, for example, Fortigate running FOS 6.2.4GA+, FortiSwitch running 6.2.4GA+, FortiAP/FortiAP-U running latest GA and FortiAuthenticator 6.1.1 and above.
To configure WiFi onboarding using Smart Connect:
  1. Initial settings on FortiAuthenticator
  2. Select either the G Suite or Azure configuration:
    1. Option A - WiFi onboarding with Smart Connect and G Suite
    2. Option B - WiFi onboarding with Smart Connect and Azure
  3. FortiGate configuration
  4. Results
Previous
Next

WiFi onboarding using FortiAuthenticator Smart Connect

This example demonstrates how to configure WiFi onboarding using FortiAuthenticator Smart Connect with either Google G Suite or Microsoft Azure.

This configuration assumes that you have already configured your FortiAuthenticator following the initial configuration steps available within the FortiAuthenticator Administration Guide. FortiAuthenticator must be version 6.1.1 or higher.

Before starting, you should already have the following available:

  • A registered domain name and functional DNS. This example uses fortixpert.com.
  • A publicly signed wildcard certificate for your domain (for example *.fortixpert.com used to sign MS Azure DS Secure LDAP Connector).
  • A publicly signed host/server certificate for FortiAuthenticator.
  • An active Google G Suite Enterprise or MS Azure subscription, depending on your chosen configuration.
    • Please note: Secure LDAP is not supported using G Suite Business or G Suite Basic subscriptions.
    • An active MS Azure subscription requires AD Directory Services to be provisioned in order to support Secure LDAP.
  • Have the appropriate Fortinet infrastructure in place, for example, Fortigate running FOS 6.2.4GA+, FortiSwitch running 6.2.4GA+, FortiAP/FortiAP-U running latest GA and FortiAuthenticator 6.1.1 and above.
To configure WiFi onboarding using Smart Connect:
  1. Initial settings on FortiAuthenticator
  2. Select either the G Suite or Azure configuration:
    1. Option A - WiFi onboarding with Smart Connect and G Suite
    2. Option B - WiFi onboarding with Smart Connect and Azure
  3. FortiGate configuration
  4. Results
Previous
Next