Creating the RADIUS client on FortiAuthenticator
- On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New to add the FortiGate as a RADIUS client.
- Enter a Name (OfficeServer), the IP address of the FortiGate, and set a Secret. The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.
- Set Authentication method to Enforce two-factor authentication and check the Enable FortiToken Mobile push notifications authentication checkbox.
Note the Username input format. This is the format that the user must use to enter their username in the web portal, made up of their username and realm. In this example, the full username for gthreepwood is "gthreepwood@local".
- Set Realms to local | Local users, and add RemoteFTMUsers to the Groups filter.