Configuring Peer Users And Peer Groups - Fortinet FortiGate Series Administration Manual

User

Configuring peer users and peer groups

FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
Figure 413: Example PKI User list

Name: The name of the PKI user.
Subject: The text string that appears in the subject field of the certificate of the authenticating user.
CA: The CA certificate that is used to authenticate this user.
Delete icon: Delete this PKI user. The delete icon is not available if the peer user belongs to a user group. Remove it from the user group first.
Edit icon: Edit this PKI user.

You can define peer users and peer groups used for authentication in some VPN
configurations and for PKI certificate authentication in firewall policies.

A peer user is a digital certificate holder that can use PKI authentication. Before using PKI
authentication, you must define peer users to include in the user group that is incorporated
into the firewall authentication policy.

To define a peer user, you need:
• a peer user name
• the text from the subject field of the certificate of the authenticating peer user, or the
  CA certificate used to authenticate the peer user.

You can add or modify other configuration settings for PKI authentication. For more
information, see the FortiGate CLI Reference.

Caution: If you use the CLI to create a peer user, Fortinet recommends that you enter a
value for either subject or ca. If you do not do so, and then open the user record in the
web-based manager, you will be prompted to enter a subject or ca value before you can
continue.

To create a peer user for PKI authentication, go to User > PKI, select Create New, and
enter the following:
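
For the CLI route mentioned in the caution above, the following is an added example, not taken from the guide, of a peer user defined with both subject and ca set, then placed in a peer group. The names peer_user_1, peer_group_1 and CA_Cert_1 and the subject string are constructed placeholders, and the lines starting with # are annotations for the reader rather than commands to enter.

```fortios
# Peer user: set subject, ca, or both, so the record is complete
# when it is later opened in the web-based manager.
config user peer
    edit "peer_user_1"
        # Constructed value: text expected in the certificate subject field
        set subject "CN=peer1.example.com"
        # Assumed name of a CA certificate already imported on the unit
        set ca "CA_Cert_1"
    next
end

# Peer group containing the peer user defined above
config user peergrp
    edit "peer_group_1"
        set member "peer_user_1"
    next
end
```

Setting ca ties the peer to certificates issued by that CA, and setting subject narrows the match to a specific certificate subject, so configuring both is the tighter definition.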