Fortinet white logo
Fortinet white logo

CLI Reference

waf site-publish-helper authentication-server-pool

waf site-publish-helper authentication-server-pool

Use this command to create a pool of authentication server connections for use with a site publishing rule.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config waf site-publish-helper authentication-server-pool

edit "<authentication-server-pool_name>"

edit <entry_index>

set server-type {ldap | radius}

set ldap-server "<ldap-query_name>"

set radius-server "<radius-query_name>"

set rsa-securid {enable | disable}

end

next

end

Variable Description Default

"<authentication-server-pool_name>"

Enter the name of a new or existing authentication server pool. The maximum length is 63 characters.

To display the list of existing pools, enter:

edit ?

No default.

<entry_index>

Enter the index number of a new or existing server entry in the authentication server pool. No default.

server-type {ldap | radius}

Set the server type to the server entry <entry_index>. Enter ldap for a LDAP server or radius for a RADIUS server. ldap

ldap-server "<ldap-query_name>"

Set the name of the LDAP query to the server entry <entry_index> if you set the server entry as LDAP. For details, see user ldap-user. No default.

radius-server "<radius-query_name>"

Set the name of the RADIUS query to the server entry <entry_index> if you set the server entry as RADIUS. For details, see user radius-user. No default.

rsa-securid {enable | disable}

Specify whether FortiWeb authenticates clients using a username and a RSA SecurID authentication code only. Users are not required to enter a password.

When this option is enabled, the authentication delegation options in the site publish rule are not available.

Available only if server-type {ldap | radius} is radius and client-auth-method {html-form-auth | http-auth | client-cert-auth | saml-auth | ntlm-auth} is html-form-auth.

disable

Example

For an example, see waf site-publish-helper rule.

Related topics

waf site-publish-helper authentication-server-pool

waf site-publish-helper authentication-server-pool

Use this command to create a pool of authentication server connections for use with a site publishing rule.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config waf site-publish-helper authentication-server-pool

edit "<authentication-server-pool_name>"

edit <entry_index>

set server-type {ldap | radius}

set ldap-server "<ldap-query_name>"

set radius-server "<radius-query_name>"

set rsa-securid {enable | disable}

end

next

end

Variable Description Default

"<authentication-server-pool_name>"

Enter the name of a new or existing authentication server pool. The maximum length is 63 characters.

To display the list of existing pools, enter:

edit ?

No default.

<entry_index>

Enter the index number of a new or existing server entry in the authentication server pool. No default.

server-type {ldap | radius}

Set the server type to the server entry <entry_index>. Enter ldap for a LDAP server or radius for a RADIUS server. ldap

ldap-server "<ldap-query_name>"

Set the name of the LDAP query to the server entry <entry_index> if you set the server entry as LDAP. For details, see user ldap-user. No default.

radius-server "<radius-query_name>"

Set the name of the RADIUS query to the server entry <entry_index> if you set the server entry as RADIUS. For details, see user radius-user. No default.

rsa-securid {enable | disable}

Specify whether FortiWeb authenticates clients using a username and a RSA SecurID authentication code only. Users are not required to enter a password.

When this option is enabled, the authentication delegation options in the site publish rule are not available.

Available only if server-type {ldap | radius} is radius and client-auth-method {html-form-auth | http-auth | client-cert-auth | saml-auth | ntlm-auth} is html-form-auth.

disable

Example

For an example, see waf site-publish-helper rule.

Related topics