Fortinet FortiGate Series Administration Manual page 273
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
System Admin
Configuring RADIUS authentication for administrators
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
•
Feedback
Remote Authentication and Dial-in User Service (RADIUS) servers provide authentication,
authorization, and accounting functions. FortiGate units use the authentication and
authorization functions of the RADIUS server. To use the RADIUS server for
authentication, you must configure the server before you configure the FortiGate users or
user groups that will need it.
If you have configured RADIUS support and a user is required to authenticate using a
RADIUS server, the FortiGate unit sends the user's credentials to the RADIUS server for
authentication. If the RADIUS server can authenticate the user, the user is successfully
authenticated with the FortiGate unit. If the RADIUS server cannot authenticate the user,
the FortiGate unit refuses the connection.
If you want to use a RADIUS server to authenticate administrators in your VDOM, you
must configure the authentication before you create the administrator accounts. To do this
you need to:
•
configure the FortiGate unit to access the RADIUS server
•
create a user group with the RADIUS server as its only member.
Note: Access to the FortiGate unit depends on the VDOM associated with the administrator
account.
The following instructions assume that there is a RADIUS server on your network
populated with the names and passwords of your administrators. For information on how
to set up a RADIUS server, see the documentation for your RADIUS server.
To view the RADIUS server list, go to User > Remote > RADIUS.
Figure 123: Example RADIUS server list
Create New
Name
Server Name/IP
Delete icon
Edit icon
To configure the FortiGate unit to access the RADIUS server
1 Go to User > Remote > RADIUS.
2 Select Create New, or select the Edit icon beside an existing RADIUS server.
3 Enter a name that identifies the RADIUS server. Use this name when you create the
user group
.
Add a new RADIUS server.
The name that identifies the RADIUS server on the FortiGate unit.
The domain name or IP address of the RADIUS server.
Delete a RADIUS server configuration.
You cannot delete a RADIUS server that has been added to a user
group.
Edit a RADIUS server configuration.
Administrators
Delete
Edit
273
Advertisement
Table of Contents
