Creating the RADIUS client on the FortiAuthenticator
- On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New to add the FortiGate as a RADIUS client.
- Enter a Name (OfficeServer), the IP address of the FortiGate, and set a Secret.
The secret is a pre-shared password that FortiGate uses to authenticate to the FortiAuthenticator.
- Set Authentication method to Enforce two-factor authentication and turn on Enable FortiToken Mobile push notifications authentication.
- Set Realms to local | Local users, and add RemoteFTMUsers to the Groups filter.
The Username input format is the format that users must use to enter their username in the web portal. This includes the username and realm. In this example, the full username for gthreepwood is gthreepwood@local.