Local RADIUS Server (802.1x Only)

Install SSL Certificates

1. Navigate to System > Setting > Security > Certificate Management

2. From the Select target drill-down, select Local RADIUS Server (EAP)

3. Upload certificate(s) and click OK

4. If using EAP-TLS to validate client-side certificate, upload RADIUS Endpoint Trust.

5. Upload certificate(s) and click OK

For more details on this view, see section Certificate management in the Administration Guide.

Configure Local RADIUS Server Settings

1. Navigate to System > Settings > Authentication > Local RADIUS Server.

2. See section Configure Local RADIUS Server settings in the Administration Guide to complete configuration of the following:

   • Enable Local RADIUS service

   • Configure Local RADIUS Server settings as appropriate

     • Authentication port

     • TLS Service Configuration

     • Supported EAP Types

     • OCSP

   • Create RADIUS Attribute Groups (optional) - Allows administrators to control the RADIUS attributes FortiNAC returns in an Access-Accept.

   • Local Winbind Configuration (optional) - Provides MSCHAPv2 authentication

   1. Fill out the Windbind configuration

   • Local NetBIOS Name

   • Domain NetBIOS Name

   • Kerberos Realm Name

   • Domain Controller Hostname

   • Log Level

3. Click Save Settings.

4. Click Join Domain.

5. Click Enable Service.

Proceed to Model Configuration.