Creating the RADIUS client on the FortiAuthenticator
- On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New to add the FortiGate as a RADIUS client.
- Enter a Name (OfficeServer), the IP address of the FortiGate, and set a Secret. The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.
- Set Authentication method to Enforce two-factor authentication and check the Enable FortiToken Mobile push notifications authentication checkbox.
- Set Realms to local | Local users, and add RemoteFTMUsers to the Groups filter.
Note the Username input format. This is the format that the user must use to enter their username in the web portal, made up of their username and realm. In this example, the full username for gthreepwood is "gthreepwood@local".