Fortinet black logo

Cookbook

Connecting the FortiGate to the RADIUS server

Copy Link
Copy Doc ID a4a06ec3-12a7-11e9-b86b-00505692583a:200757
Download PDF

Connecting the FortiGate to the RADIUS server

  1. On the FortiGate, go to User & Device > RADIUS Servers, and select Create New to connect to the RADIUS server (FortiAuthenticator).
  2. Enter a Name (OfficeRADIUS), the IP address of the FortiAuthenticator, and enter the Secret created before.
  3. Select Test Connectivity to be sure you can connect to the RADIUS server. Then select Test User Credentials and enter the credentials for gthreepwood.

  4. Because the user has been assigned a FortiToken, the test should come stating that More validation is required.

  5. The FortiGate can now connect to the FortiAuthenticator as the RADIUS client configured earlier.

  6. Then go to User & Device > User Groups, and select Create New to map authenticated remote users to a user group on the FortiGate.

  7. Enter a Name (SSLVPNGroup) and select Add under Remote Groups.

  8. Select OfficeRADIUS under the Remote Server drop-down menu, and leave the Groups field blank.

Connecting the FortiGate to the RADIUS server

  1. On the FortiGate, go to User & Device > RADIUS Servers, and select Create New to connect to the RADIUS server (FortiAuthenticator).
  2. Enter a Name (OfficeRADIUS), the IP address of the FortiAuthenticator, and enter the Secret created before.
  3. Select Test Connectivity to be sure you can connect to the RADIUS server. Then select Test User Credentials and enter the credentials for gthreepwood.

  4. Because the user has been assigned a FortiToken, the test should come stating that More validation is required.

  5. The FortiGate can now connect to the FortiAuthenticator as the RADIUS client configured earlier.

  6. Then go to User & Device > User Groups, and select Create New to map authenticated remote users to a user group on the FortiGate.

  7. Enter a Name (SSLVPNGroup) and select Add under Remote Groups.

  8. Select OfficeRADIUS under the Remote Server drop-down menu, and leave the Groups field blank.