Adding a RADIUS server
Perform this procedure to add a RADIUS server to a network and then use this server to authenticate wireless clients.
Procedure steps
- On the FortiLAN Cloud Home page, select the network to which you want to add the RADIUS server.
- In the Menu bar, click Configure.
- In the Navigation pane, click My RADIUS server.
- Click Add My RADIUS Server.
- Complete the following fields:
Name
Type a name for My RADIUS Server.
NAS IP
Type the IP address of the network access server (NAS).
This field is optional.
Primary server name/IP
Type the server name or IP address of the primary RADIUS server.
Primary server secret
Type the secret key of the primary RADIUS server.
Secondary server name/IP
Type the server name or IP address of the secondary RADIUS server.
This field is optional.
Secondary server secret
Type the secret key of the secondary RADIUS server.
This field is optional.
Server port
If the RADIUS server is not using the default port, then type the server port.
The default is 1812.
Auth Protocol
Select the authentication protocol only to authenticate wireless clients that connect to captive portal enabled networks. If you select Auto, then the protocols are tried in this order.
- PEAP
- MSCHAPv2
- MSCHAPv1
- CHAP
- PAP
TLS Version
Select the TLS version for the PEAP authentication protocol.
CoA enable
Enable Change of Authorization (CoA) to allow the RADIUS server to adjust active client sessions. The AP disconnects user sessions when it receives a Disconnect-Request from the RADIUS server.
Account all servers
Enable this option to use both primary and secondary RADIUS servers for authentication.
Case sensitive username
Enable case sensitive RADIUS user name.
- To complete the addition of the RADIUS server, click Apply.