External Systems Configuration Guide

Setting Up External Authentication

You have three options for setting up external authentication for your FortiSIEM deployment: LDAP, RADIUS, and Okta.

Multiple Authentication Profiles

If more than one authentication profile is associated with a user, then the servers will be contacted one-by-one until a connection to one of them is successful. Once a server has been contacted, if the authentication fails, the process ends, and the user is notified that the authentication failed.
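The fallback rule above, modeled as an added Python example (not FortiSIEM code): a connection failure moves on to the next profile, while a rejection from the first server that answers is final. The profile names, the in-memory `directory` backend, and the treatment of "no server reachable" as a failed login are assumptions made for the illustration.

```python
import hmac
from dataclasses import dataclass, field
from typing import Callable, List, Optional


class ServerUnreachable(Exception):
    """No connection could be made to the authentication server."""


@dataclass
class Profile:
    name: str                           # hypothetical profile label
    check: Callable[[str, str], bool]   # True/False verdict, or raises ServerUnreachable


@dataclass
class Result:
    authenticated: bool
    decided_by: Optional[str]           # profile that answered; None if none was reachable
    skipped: List[str] = field(default_factory=list)  # unreachable profiles, worth logging


def authenticate(profiles: List[Profile], user: str, password: str) -> Result:
    skipped: List[str] = []
    for profile in profiles:
        try:
            verdict = profile.check(user, password)
        except ServerUnreachable:
            skipped.append(profile.name)   # connection failed: try the next profile
            continue
        # The first server that answers is authoritative. A rejection ends the
        # process; the credentials are not replayed against later servers.
        return Result(verdict, profile.name, skipped)
    # Assumption: if no server can be contacted, the login fails.
    return Result(False, None, skipped)


def unreachable(user: str, password: str) -> bool:
    raise ServerUnreachable()


def directory(accounts: dict) -> Callable[[str, str], bool]:
    """Constructed in-memory stand-in for an LDAP or RADIUS server."""
    return lambda u, pw: u in accounts and hmac.compare_digest(accounts[u], pw)


# Constructed sample: first server down, second current, third holds a stale password.
PROFILES = [
    Profile("ldap-a", unreachable),
    Profile("radius-b", directory({"alice": "s3cret"})),
    Profile("ldap-c", directory({"alice": "old-pw"})),
]
```

With this ordering, a stale password still accepted by `ldap-c` is rejected because `radius-b` answers first, and the `skipped` list shows which servers were bypassed and should be investigated.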

  1. Log in to your Supervisor node.
  2. Go to ADMIN > Settings > General > External Authentication.
  3. Click New.
  4. If you are setting up authentication for an organization within a multi-tenant deployment, select the Organization.
  5. Select the Protocol.
  6. Complete the protocol settings.
  7. Protocol: User-Defined Settings
     - LDAP: Access IP. Select Set DN Pattern to open a text field in which you can enter the DN pattern if you want to override the discovered pattern, or you want to add a specific LDAP user.
     - RADIUS: Access IP; Shared Secret. Select CHAP if you are using encrypted authentication to your RADIUS server. See also Juniper Networks Steel-Belted RADIUS.
     - Okta: Certificate. See Configuring Okta Authentication for more information.
  8. Click Test, and then enter credentials associated with the protocol you selected to make sure users can authenticate to your deployment.
