Fortinet black logo

Administration Guide

RADIUS Servers

Copy Link
Copy Doc ID 5e5f427d-b811-11eb-92d0-00505692583a:822225
Download PDF

RADIUS Servers

FortiDeceptor supports remote authentication of administrators using RADIUS servers. To use this feature, configure the server entries in FortiDeceptor for each authentication server in your network.

If you have configured RADIUS support and require users to authenticate using a RADIUS server, FortiDeceptor contacts the RADIUS server for authentication. To authenticate with FortiDeceptor, the user enters a user name and password. FortiDeceptor sends this user name and password to the RADIUS server. If the RADIUS server can authenticate the user, FortiDeceptor authenticates the user. If the RADIUS server cannot authenticate the user, FortiDeceptor refuses the connection.

The following options are available:

Create New

Add a RADIUS server.

Edit

Edit the selected RADIUS server.

Delete

Delete the selected RADIUS server.

The following information is displayed:

Name

RADIUS server name.

Primary Address

Primary server IP address.

Secondary Address

Secondary server IP address.

Port

Port used for RADIUS traffic.

The default port is 1812.

Auth Type

The authentication type the RADIUS server requires.

Select Any, PAP, CHAP, or MSv2. Any means FortiDeceptor tries all authentication types.

To add a RADIUS server:
  1. Go to System > RADIUS Servers.
  2. Click Create New.
  3. Configure the following settings:

    Name

    A unique name to identify the RADIUS server.

    Primary Server Name/IP

    IP address or FQDN of the primary RADIUS server.

    Secondary Server Name/IP

    IP address or FQDN of the secondary RADIUS server.

    Port

    Port for RADIUS traffic.

    The default port is 1812.

    Auth Type

    Authentication type the RADIUS server requires.

    Select Any, PAP, CHAP, or MSv2. Any means FortiDeceptor tries all authentication types.

    Primary Secret

    Primary RADIUS server secret.

    Secondary Secret

    Secondary RADIUS server secret.

    NAS IP

    NAS IP address.

  4. Click OK.

RADIUS Servers

FortiDeceptor supports remote authentication of administrators using RADIUS servers. To use this feature, configure the server entries in FortiDeceptor for each authentication server in your network.

If you have configured RADIUS support and require users to authenticate using a RADIUS server, FortiDeceptor contacts the RADIUS server for authentication. To authenticate with FortiDeceptor, the user enters a user name and password. FortiDeceptor sends this user name and password to the RADIUS server. If the RADIUS server can authenticate the user, FortiDeceptor authenticates the user. If the RADIUS server cannot authenticate the user, FortiDeceptor refuses the connection.

The following options are available:

Create New

Add a RADIUS server.

Edit

Edit the selected RADIUS server.

Delete

Delete the selected RADIUS server.

The following information is displayed:

Name

RADIUS server name.

Primary Address

Primary server IP address.

Secondary Address

Secondary server IP address.

Port

Port used for RADIUS traffic.

The default port is 1812.

Auth Type

The authentication type the RADIUS server requires.

Select Any, PAP, CHAP, or MSv2. Any means FortiDeceptor tries all authentication types.

To add a RADIUS server:
  1. Go to System > RADIUS Servers.
  2. Click Create New.
  3. Configure the following settings:

    Name

    A unique name to identify the RADIUS server.

    Primary Server Name/IP

    IP address or FQDN of the primary RADIUS server.

    Secondary Server Name/IP

    IP address or FQDN of the secondary RADIUS server.

    Port

    Port for RADIUS traffic.

    The default port is 1812.

    Auth Type

    Authentication type the RADIUS server requires.

    Select Any, PAP, CHAP, or MSv2. Any means FortiDeceptor tries all authentication types.

    Primary Secret

    Primary RADIUS server secret.

    Secondary Secret

    Secondary RADIUS server secret.

    NAS IP

    NAS IP address.

  4. Click OK.