Fortinet black logo

Administration Guide

Home FortiDeceptor 5.3.0 Administration Guide

MFA (RADIUS) configuration

5.3.0
5.3.0
5.2.0
5.1.0
5.0.0
4.3.0
4.2.0
4.1.1
4.1.0
4.0.2
4.0.1
4.0.0
3.3.3
3.3.2
3.3.1
3.3.0
3.2.2
3.2.1
3.2.0
3.1.1
3.1.0
3.0.2
3.0.1
3.0.0
2.1.0
2.0.0
1.1.0
1.0.1
Copy Link
Copy Doc ID 250a63c1-9b8e-11ee-a142-fa163e15d75b:565315
Download PDF

MFA (RADIUS) configuration

To integrate the RADIUS service with FortiDeceptor:
  1. Configure FortiAuthenticator on the RADIUS server side.
  2. Configure the RADIUS user on FortiDeceptor.

1. Configure FortiAuthenticator on the RADIUS server side

  1. Add the radius clients for remote RADIUS service access.
    1. In FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and click Create New. The Create New Authentication Client window opens.
    2. Configure the client service settings. For information, see Clients > To configure a RADIUS client in the FortiAuthenticator Administration Guide.
    3. Click OK.

  2. Create a radius policy for the radius client you created.
    1. Go to Authentication > RADIUS Service > Policies, and click Create New. The RADIUS Policy Creation Wizard opens.

    2. Follow the steps in the wizard to configure the policy. For information, see Policies > To configure a RADIUS policy in the FortiAuthenticator Administration Guide.
    3. Click OK.
  3. (Optional) Create or import a FortiToken.
    1. In FortiAuthenticator, go to Authentication > User Management > FortiTokens and click Create New.

  4. Create a local user.
    1. Go to Authentication > Local Users and click Create New.
    2. Configure the user settings and click OK.

    3. After the user is created, enable OTP with FortiToken for this local user.

      One-Time Password (OTP authenticationEnable.
      Deliver token byFortiToken

  5. Activate the FortiToken for this user via an email link.

2. Configure the RADIUS user on FortiDeceptor

  1. Add the RADIUS server.
    1. In FortiDeceptor, go to System > RADIUS.
    2. Configure the server settings and click OK.
      Tooltip

      We recommend enabling Push notification to mobile of applicable to allow users to authorize the login with a mobile device.

  2. Add the local user you created in FortiAuthenticator.
    1. Go to System > Administrators and click Create New.
    2. Configure the Administrator settings and click OK.

    3. Click Test Login to verify the credentials.
Previous
Next

MFA (RADIUS) configuration

To integrate the RADIUS service with FortiDeceptor:
  1. Configure FortiAuthenticator on the RADIUS server side.
  2. Configure the RADIUS user on FortiDeceptor.

1. Configure FortiAuthenticator on the RADIUS server side

  1. Add the radius clients for remote RADIUS service access.
    1. In FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and click Create New. The Create New Authentication Client window opens.
    2. Configure the client service settings. For information, see Clients > To configure a RADIUS client in the FortiAuthenticator Administration Guide.
    3. Click OK.

  2. Create a radius policy for the radius client you created.
    1. Go to Authentication > RADIUS Service > Policies, and click Create New. The RADIUS Policy Creation Wizard opens.

    2. Follow the steps in the wizard to configure the policy. For information, see Policies > To configure a RADIUS policy in the FortiAuthenticator Administration Guide.
    3. Click OK.
  3. (Optional) Create or import a FortiToken.
    1. In FortiAuthenticator, go to Authentication > User Management > FortiTokens and click Create New.

  4. Create a local user.
    1. Go to Authentication > Local Users and click Create New.
    2. Configure the user settings and click OK.

    3. After the user is created, enable OTP with FortiToken for this local user.

      One-Time Password (OTP authenticationEnable.
      Deliver token byFortiToken

  5. Activate the FortiToken for this user via an email link.

2. Configure the RADIUS user on FortiDeceptor

  1. Add the RADIUS server.
    1. In FortiDeceptor, go to System > RADIUS.
    2. Configure the server settings and click OK.
      Tooltip

      We recommend enabling Push notification to mobile of applicable to allow users to authorize the login with a mobile device.

  2. Add the local user you created in FortiAuthenticator.
    1. Go to System > Administrators and click Create New.
    2. Configure the Administrator settings and click OK.

    3. Click Test Login to verify the credentials.
Previous
Next