Local RADIUS Server (802.1x Only)
Install SSL Certificates
-
Navigate to System > Setting > Security > Certificate Management
-
From the Select target drill-down, select Local RADIUS Server (EAP)
-
Upload certificate(s) and click OK
-
If using EAP-TLS to validate client-side certificate, upload RADIUS Endpoint Trust.
-
Upload certificate(s) and click OK
For more details on this view, see section Certificate management in the Administration Guide.
Configure Local RADIUS Server Settings
-
Navigate to System > Settings > Authentication > Local RADIUS Server.
-
See section Configure Local RADIUS Server settings in the Administration Guide to complete configuration of the following:
-
Enable Local RADIUS service
-
Configure Local RADIUS Server settings as appropriate
-
Authentication port
-
TLS Service Configuration
-
Supported EAP Types
-
OCSP
-
-
Create RADIUS Attribute Groups (optional) - Allows administrators to control the RADIUS attributes FortiNAC returns in an Access-Accept.
-
Local Winbind Configuration (optional) - Provides MSCHAPv2 authentication
-
Fill out the Windbind configuration
-
Local NetBIOS Name
-
Domain NetBIOS Name
-
Kerberos Realm Name
-
Domain Controller Hostname
-
Log Level
-
-
Click Save Settings.
-
Click Join Domain.
-
Click Enable Service.
Proceed to Model Configuration.