Fortigate Administrator's View Of Authentication - Fortinet FortiGate v3.0 MR7 User Manual

FortiGate administrator's view of authentication

FortiOS v3.0 MR7 User Authentication User Guide
01-30007-0347-20080828

FortiClient can store the user name and password for a VPN as part of the
configuration for the VPN connection and pass them to the FortiGate unit as
needed. Alternatively, FortiClient can request the user name and password from
the user when the FortiGate unit requests them.

SSL VPN is a form of VPN that can be used with a standard Web browser. There
are two modes of SSL VPN operation (supported in NAT/Route mode only):
- web-only mode, for thin remote clients equipped with a web browser only
- tunnel mode, for remote computers that run a variety of client and server
  applications.

Note: After a defined period of user inactivity on the VPN connection (the idle
timeout, defined by the FortiGate administrator), the user access will expire. The
default is 1500 seconds (25 minutes). To access the resource, the user will have
to authenticate again.

Authentication is based on user groups. You configure authentication parameters
for firewall policies and VPN tunnels to permit access only to members of
particular user groups. A member of a user group can be:
- a user whose user name and password are stored on the FortiGate unit
- a user whose name is stored on the FortiGate unit and whose password is
  stored on a remote or external authentication server
- a remote or external authentication server with a database that contains the
  user name and password of each person who is permitted access
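
The following Python model is an added example, not part of the Fortinet manual or FortiOS code. It shows how the three kinds of group member differ in who they admit, and applies the 1500-second idle timeout from the note above. The class and function names, the sample accounts, and the PBKDF2 password storage are assumptions made for illustration.

```python
import hashlib, hmac
from dataclasses import dataclass, field
from typing import Optional

IDLE_TIMEOUT = 1500  # seconds; the default stated in the note above

# Assumption: the manual does not say how passwords are stored; PBKDF2 keeps the model off plaintext.
def digest_of(password: str, salt: bytes = b"constructed-salt") -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class RemoteServer:
    """Stand-in for a remote/external authentication server with its own account database."""
    name: str
    accounts: dict = field(default_factory=dict)  # user name -> password digest

    def verify(self, user: str, password: str) -> bool:
        stored = self.accounts.get(user)
        return stored is not None and hmac.compare_digest(stored, digest_of(password))

@dataclass
class LocalUser:
    """Name stored on the unit; password verified by the unit or by a remote server."""
    name: str
    digest: Optional[bytes] = None
    server: Optional[RemoteServer] = None

    def verify(self, user: str, password: str) -> bool:
        if user != self.name:
            return False
        if self.server is not None:  # name is local, password check is delegated
            return self.server.verify(user, password)
        return self.digest is not None and hmac.compare_digest(self.digest, digest_of(password))

def group_permits(members, user: str, password: str) -> bool:
    """Modelled rule: a login is admitted if any member of the group verifies it."""
    return any(m.verify(user, password) for m in members)

def session_expired(last_activity: float, now: float, timeout: int = IDLE_TIMEOUT) -> bool:
    """True once the idle period has elapsed and the user must authenticate again."""
    return now - last_activity >= timeout

# Constructed sample data: one remote server and two differently scoped groups.
radius = RemoteServer("radius1", {"alice": digest_of("a-pass"), "bob": digest_of("b-pass")})
named_only = [LocalUser("carol", digest=digest_of("c-pass")), LocalUser("alice", server=radius)]
whole_server = [radius]  # the server itself is the member: every account in it is admitted
```

In this model `bob` exists on the remote server but is admitted only by `whole_server`, which is why a group that lists named users is the narrower grant.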

1. If remote or external authentication is needed, configure the required servers.
   - See "Configuring the FortiGate unit to use a RADIUS server" on page 16.
   - See "Configuring the FortiGate unit to use an LDAP server" on page 21.
   - See "Configuring the FortiGate unit to use a Directory Service server" on
     page 28.
2. Configure local and peer (PKI) user identities (see "Public Key Infrastructure
   (PKI) authentication" on page 9). For each local user, you can choose whether
   the FortiGate unit or a remote authentication server verifies the password.
   Peer members can be included in user groups for use in firewall policies.
   - See "Creating local users" on page 34.
   - See "Creating peer users" on page 36.
