Fortinet black logo

Version:

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Doc ID 52c06fe2-eb01-11eb-97f7-00505692583a:318160
Copy Link

Configuring RADIUS client on FortiAuthenticator

The FortiAuthenticator has to be configured to allow RADIUS clients to make authorization requests to it.

To create the RADIUS client:
  1. On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New.
  2. Enter a Name, the IP address of the FortiGate, and set a Secret.
    The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.

To create the RADIUS policy:
  1. Go to Authentication > RADIUS Service > Policies, and select Create New.
  2. Enter the RADIUS policy name, description, and select the FortiGate RADIUS client.
  3. Do not configure RADIUS attribute criteria.
  4. Set the authentication type as Client Certificates (EAP-TLS).

  5. Choose a username format (in this example: username@realm), select the Local realm.
  6. Set the authentication method to Password only authentication.
  7. Review the RADIUS response, and click Save and Exit.

Configuring RADIUS client on FortiAuthenticator

The FortiAuthenticator has to be configured to allow RADIUS clients to make authorization requests to it.

To create the RADIUS client:
  1. On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New.
  2. Enter a Name, the IP address of the FortiGate, and set a Secret.
    The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.

To create the RADIUS policy:
  1. Go to Authentication > RADIUS Service > Policies, and select Create New.
  2. Enter the RADIUS policy name, description, and select the FortiGate RADIUS client.
  3. Do not configure RADIUS attribute criteria.
  4. Set the authentication type as Client Certificates (EAP-TLS).

  5. Choose a username format (in this example: username@realm), select the Local realm.
  6. Set the authentication method to Password only authentication.
  7. Review the RADIUS response, and click Save and Exit.