Fortinet Document Library
Version:
6.4.0
6.3.0
6.2.0
Version:
6.1.0
6.0.0
5.5.0
Table of Contents
EAP-TLS authentication
Wired 802.1x EAP-TLS with computer authentication
Active Directory prerequisites
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the switch
Results
Wireless 802.1x EAP-TLS with computer authentication
Active Directory prerequisites
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the Intel PROSet Supplicant - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the FortiWiFi
Results
Wireless 802.1x EAP-TLS with user authentication
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the FortiWiFi
Results
FortiToken and FortiToken Mobile
FortiToken Mobile Push for SSL VPN
Adding a FortiToken to the FortiAuthenticator
Adding the user to the FortiAuthenticator
Creating the RADIUS client on the FortiAuthenticator
Connecting the FortiGate to the RADIUS server
Configuring the SSL VPN
Results
Guest Portals
FortiAuthenticator as Guest Portal for FortiWLC
Creating the FortiAuthenticator as RADIUS server on the FortiWLC
Creating the Captive Portal profile on the FortiWLC
Creating the security profile on the FortiWLC
Creating the QoS rule on the FortiWLC
Creating the ESS Profile on the FortiWLC
Creating FortiWLC as RADIUS Client on the FortiAuthenticator
Creating the Guest Portal on the FortiAuthenticator
Creating the Portal Rule on the FortiAuthenticator
Results
MAC authentication bypass
MAC authentication bypass with dynamic VLAN assignment
Configuring MAC authentication bypass on the FortiAuthenticator
Configuring the user group
Configuring the RADIUS client
Configuring the 3rd-party switch
Results
SAML authentication
SAML 2.0 FSSO with FortiAuthenticator and Centrify
Configuring DNS and FortiAuthenticator's FQDN
Enabling FSSO and SAML on the FortiAuthenticator
Adding SAML connector to Centrify for IdP metadata
Importing the IdP certificate and metadata on the FortiAuthenticator
Uploading the SP metadata to the Centrify tenant
Configuring FSSO on the FortiGate
Configuring captive portal and security policies
Results
SAML 2.0 FSSO with FortiAuthenticator and Google G Suite
Configuring FSSO and SAML on the FortiAuthenticator
Configuring SAML on G Suite
Importing the IdP certificate and metadata on the FortiAuthenticator
Configuring FSSO on the FortiGate
Configuring Captive Portal and security policies
Results
SAML 2.0 FSSO with FortiAuthenticator and Okta
Configuring DNS and FortiAuthenticator's FQDN
Enabling FSSO and SAML on the FortiAuthenticator
Configuring the Okta developer account IDP application
Importing the IDP certificate and metadata on the FortiAuthenticator
Configuring FSSO on the FortiGate
Configuring Captive Portal and security policies
Results
Self-service Portal
FortiAuthenticator user self-registration
Creating a self-registration user group
Enabling self-registration
Creating a new SMTP server
Results - Self-registration
Results - Administrator approval
VPNs
SSL VPN with RADIUS and FortiToken
Creating a user and a user group
Creating the RADIUS client
Connecting the FortiGate to FortiAuthenticator
Allowing users to connect to the VPN
Results
Legacy
Social WiFi captive portal
Social WiFi captive portal with FortiAuthenticator (Facebook)
Configuring the Facebook developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Facebook
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Form-based)
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Google+)
Configuring the Google+ developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Google
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (LinkedIn)
Configuring the LinkedIn developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to LinkedIn
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Twitter)
Configuring the Twitter developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Twitter
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Change log
Home
FortiAuthenticator 5.5.0
Cookbook
Cookbook
EAP-TLS authentication
Wired 802.1x EAP-TLS with computer authentication
Active Directory prerequisites
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the switch
Results
Wireless 802.1x EAP-TLS with computer authentication
Active Directory prerequisites
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the Intel PROSet Supplicant - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the FortiWiFi
Results
Wireless 802.1x EAP-TLS with user authentication
Configuring the certificates
Manually importing the client certificate - Windows 10
Configuring the FortiAuthenticator AD server
Configuring the user group
Configuring remote user sync rules
Configuring the FortiAuthenticator RADIUS client
Configuring the FortiWiFi
Results
FortiToken and FortiToken Mobile
FortiToken Mobile Push for SSL VPN
Adding a FortiToken to the FortiAuthenticator
Adding the user to the FortiAuthenticator
Creating the RADIUS client on the FortiAuthenticator
Connecting the FortiGate to the RADIUS server
Configuring the SSL VPN
Results
Guest Portals
FortiAuthenticator as Guest Portal for FortiWLC
Creating the FortiAuthenticator as RADIUS server on the FortiWLC
Creating the Captive Portal profile on the FortiWLC
Creating the security profile on the FortiWLC
Creating the QoS rule on the FortiWLC
Creating the ESS Profile on the FortiWLC
Creating FortiWLC as RADIUS Client on the FortiAuthenticator
Creating the Guest Portal on the FortiAuthenticator
Creating the Portal Rule on the FortiAuthenticator
Results
MAC authentication bypass
MAC authentication bypass with dynamic VLAN assignment
Configuring MAC authentication bypass on the FortiAuthenticator
Configuring the user group
Configuring the RADIUS client
Configuring the 3rd-party switch
Results
SAML authentication
SAML 2.0 FSSO with FortiAuthenticator and Centrify
Configuring DNS and FortiAuthenticator's FQDN
Enabling FSSO and SAML on the FortiAuthenticator
Adding SAML connector to Centrify for IdP metadata
Importing the IdP certificate and metadata on the FortiAuthenticator
Uploading the SP metadata to the Centrify tenant
Configuring FSSO on the FortiGate
Configuring captive portal and security policies
Results
SAML 2.0 FSSO with FortiAuthenticator and Google G Suite
Configuring FSSO and SAML on the FortiAuthenticator
Configuring SAML on G Suite
Importing the IdP certificate and metadata on the FortiAuthenticator
Configuring FSSO on the FortiGate
Configuring Captive Portal and security policies
Results
SAML 2.0 FSSO with FortiAuthenticator and Okta
Configuring DNS and FortiAuthenticator's FQDN
Enabling FSSO and SAML on the FortiAuthenticator
Configuring the Okta developer account IDP application
Importing the IDP certificate and metadata on the FortiAuthenticator
Configuring FSSO on the FortiGate
Configuring Captive Portal and security policies
Results
Self-service Portal
FortiAuthenticator user self-registration
Creating a self-registration user group
Enabling self-registration
Creating a new SMTP server
Results - Self-registration
Results - Administrator approval
VPNs
SSL VPN with RADIUS and FortiToken
Creating a user and a user group
Creating the RADIUS client
Connecting the FortiGate to FortiAuthenticator
Allowing users to connect to the VPN
Results
Legacy
Social WiFi captive portal
Social WiFi captive portal with FortiAuthenticator (Facebook)
Configuring the Facebook developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Facebook
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Form-based)
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Google+)
Configuring the Google+ developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Google
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (LinkedIn)
Configuring the LinkedIn developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to LinkedIn
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Social WiFi captive portal with FortiAuthenticator (Twitter)
Configuring the Twitter developer account API
Configuring the social portal RADIUS service on the FortiAuthenticator
Configuring the FortiGate authentication settings
Configuring the FortiGate WiFi settings
Configuring the FortiGate to allow access to Twitter
Configuring the FortiGate to allow access to the FortiAuthenticator
Results
Change log
5.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.5.0
Download PDF
Copy Link
EAP-TLS authentication
This section describes configuring EAP-TLS authentication with FortiAuthenticator.
EAP-TLS authentication
This section describes configuring EAP-TLS authentication with FortiAuthenticator.
Link
PDF
TOC