Two-Factor Authentication - Fortinet FortiGate Series Administration Manual
Hide thumbs
Also See for FortiGate Series:
- Administration manual (60 pages) ,
- Install manual (51 pages) ,
- Quick start manual (14 pages)
Table of Contents
Advertisement
What's new in FortiOS Version 4.0 MR1
Two-factor authentication
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
•
Feedback
config apps
edit
<appname_str>
set
md5s <md5_str>
end
end
Variable
<applist_name>
action
{allow | block}
<appname_str>
md5s <md5_str>
In FortiOS 4.0 MR1, PKI users can be required to authenticate by password in addition to
their certificate authentication, for both administrative and SSL VPN access. This provides
additional security to meet ICSA 4.0 requirements.
To enable two-factor authentication for a PKI user - web-based manager
1 Go to User > PKI.
2 Select the Edit icon for the user.
3 Expand Two-factor authentication.
4 Select Require two-factor authentication and enter the Password for this user.
5 Select OK.
6 Repeat steps
2
through
To enable two-factor authentication for a PKI user - CLI
config user peer
edit <peer1_name>
set two-factor enable
set password <password_str>
next
edit <peer2_name>
...
end
To require two-factor authentication in an SSL VPN
conf vpn ssl settings
set force-two-factor-auth enable
end
If this option is enabled, only users with two-factor authentication can log in to the SSL
VPN.
Description
Enter a name for the application control list.
allow — Allow only the applications on this list
block — Block these applications, allow all others
Enter a name for the application.
Enter one or more MD5 checksums, separated by
spaces.
5
for each user who must use two-factor authentication.
Two-factor authentication
Default
No default.
allow
No default.
No default.
43
Advertisement
Table of Contents
