Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • User Guide

    Home FortiPortal 6.0.8 User Guide
    6.0.8
    7.4.1
    7.4.0
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.0.15
    6.0.14
    6.0.13
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.3.8
    5.3.7
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.0
    5.2.0
    4.1.0

    Local authentication

    Local authentication

    You can add, update, and delete local authentication settings.

    Add local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click in the local authentication table and select Create New.
    3. Enter values in the relevant fields. See Local authentication fields.
    4. Select Save.

    Update local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click a local user and select Edit.
    3. Update the values that you want to change.
    4. Select Save.

    Delete local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click a local user and select Delete.
    3. Select Yes in the confirmation dialog box to delete the local user.

    Local authentication fields

    The Create New Local User and Edit Local User dialogs contain the following fields:

    Settings

    Guidelines

    Name

    Required. Enter the name of the local user.

    Auth Concurrent Override

    Enable or disable overriding the number of concurrent firewall use logins from the same user.

    Auth Concurrent Value

    The maximum number of concurrent logins permitted from the same user.

    Auth Timeout

    The number of minutes before the authentication timeout for a user is reached.

    Email-To

    Two-factor recipientʼs email address.

    FortiToken

    Two-factor recipientʼs FortiToken serial number.

    Id

    Local user ID.

    LDAP Server

    The name of the LDAP server with which the user must authenticate.

    Password

    Local userʼs password.

    Password Policy

    Password policy to apply to this user.

    PPK Identity

    Specify the Post-quantum Preshared Key (PKK) Identity for successful validation of PPK credentials in dynamic VPNs with peertype dialup.

    PPK Password

    IKEv2 Postquantum Preshared Key (ASCII string or hexadecimal encoded with a leading 0x).

    Radius Server

    The name of the RADIUS server with which the user must authenticate.

    SMS Custom Server

    Two-factor recipientʼs SMS server.

    SMS Phone

    Two-factor recipientʼs mobile phone number.

    SMS Server

    Send SMS through FortiGuard or other external server.

    Status

    Enable or disable allowing the local user to authenticate with the FortiGate unit.

    TACACS+ Server

    The name of the TACACS+ server with which the user must authenticate.

    Two-Factor

    Disable two-factor authentication or choose which two-factor authentication method is used:

    fortitoken—FortiToken

    disable—disable

    sms—SMS authentication code.

    email—Email authentication code.

    Type

    Required. Select the authentication method.

    password—Password authentication.

    ldap—LDAP server authentication.

    tacacs+—TACACS+ server authentication.

    radius—RADIUS server authentication.

    Workstation

    If you want to limit the user to authenticate only from a particular workstation, enter the name of the remote user workstation

    Previous
    Next

    Local authentication

    Local authentication

    You can add, update, and delete local authentication settings.

    Add local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click in the local authentication table and select Create New.
    3. Enter values in the relevant fields. See Local authentication fields.
    4. Select Save.

    Update local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click a local user and select Edit.
    3. Update the values that you want to change.
    4. Select Save.

    Delete local authentication settings

    1. Select local from the Auth Server Settings dropdown menu.
    2. Right-click a local user and select Delete.
    3. Select Yes in the confirmation dialog box to delete the local user.

    Local authentication fields

    The Create New Local User and Edit Local User dialogs contain the following fields:

    Settings

    Guidelines

    Name

    Required. Enter the name of the local user.

    Auth Concurrent Override

    Enable or disable overriding the number of concurrent firewall use logins from the same user.

    Auth Concurrent Value

    The maximum number of concurrent logins permitted from the same user.

    Auth Timeout

    The number of minutes before the authentication timeout for a user is reached.

    Email-To

    Two-factor recipientʼs email address.

    FortiToken

    Two-factor recipientʼs FortiToken serial number.

    Id

    Local user ID.

    LDAP Server

    The name of the LDAP server with which the user must authenticate.

    Password

    Local userʼs password.

    Password Policy

    Password policy to apply to this user.

    PPK Identity

    Specify the Post-quantum Preshared Key (PKK) Identity for successful validation of PPK credentials in dynamic VPNs with peertype dialup.

    PPK Password

    IKEv2 Postquantum Preshared Key (ASCII string or hexadecimal encoded with a leading 0x).

    Radius Server

    The name of the RADIUS server with which the user must authenticate.

    SMS Custom Server

    Two-factor recipientʼs SMS server.

    SMS Phone

    Two-factor recipientʼs mobile phone number.

    SMS Server

    Send SMS through FortiGuard or other external server.

    Status

    Enable or disable allowing the local user to authenticate with the FortiGate unit.

    TACACS+ Server

    The name of the TACACS+ server with which the user must authenticate.

    Two-Factor

    Disable two-factor authentication or choose which two-factor authentication method is used:

    fortitoken—FortiToken

    disable—disable

    sms—SMS authentication code.

    email—Email authentication code.

    Type

    Required. Select the authentication method.

    password—Password authentication.

    ldap—LDAP server authentication.

    tacacs+—TACACS+ server authentication.

    radius—RADIUS server authentication.

    Workstation

    If you want to limit the user to authenticate only from a particular workstation, enter the name of the remote user workstation

    Previous
    Next