This is a sample configuration of SSL VPN that uses FortiAuthenticator as a RADIUS authentication server.
WAN interface is the interface connected to ISP. This example shows static mode. You can also use DHCP or PPPoE mode. The SSL VPN connection is established over the WAN interface.
- Create a user on the FortiAuthenticator.
- On the FortiAuthenticator, go to Authentication > User Management > Local Users to create a user sslvpnuser1.
- Enable Allow RADIUS authentication and click OK to access additional settings.
- Go to Authentication > User Management > User Groups to create a group sslvpngroup.
- Add sslvpnuser1 to the group by moving the user from Available users to Selected users.
- Create the RADIUS client (FortiGate) on the FortiAuthenticator.
- On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients to add the FortiGate as a RADIUS client OfficeServer).
- Enter the FortiGate IP address and set a Secret.
The secret is a pre-shared secure password that the FortiGate uses to authenticate to the FortiAuthenticator.
- Set Realms to local | Local users.
- Configure the interface and firewall address. The port1 interface connects to the internal network.
- Go t