Fortinet black logo

Cookbook

Configuring RADIUS client on FortiAuthenticator

Copy Link
Copy Doc ID 7eefb386-9916-11e9-81a4-00505692583a:318160
Download PDF

Configuring RADIUS client on FortiAuthenticator

The FortiAuthenticator has to be configured to allow RADIUS clients to make authorization requests to it.

  1. Go to Authentication > RADIUS Service > Clients and select Create New.
  2. Enter a Name, enter the FortiGate’s IP address, and enter a Secret. Set the Authentication method to Password-only authentication and set Username input format to username@realm.

    EAP-TLS should be the only EAP type selected to prevent fallback to a less secure version of authentication if a certificate is not presented by the WiFi client.

Configuring RADIUS client on FortiAuthenticator

The FortiAuthenticator has to be configured to allow RADIUS clients to make authorization requests to it.

  1. Go to Authentication > RADIUS Service > Clients and select Create New.
  2. Enter a Name, enter the FortiGate’s IP address, and enter a Secret. Set the Authentication method to Password-only authentication and set Username input format to username@realm.

    EAP-TLS should be the only EAP type selected to prevent fallback to a less secure version of authentication if a certificate is not presented by the WiFi client.