Configuring the FortiAuthenticator RADIUS client
To create the RADIUS client:
- On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New.
- Enter a Name, the IP address of the FortiGate, and set a Secret.
The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.
- Click OK.
To create the RADIUS policy:
- Go to Authentication > RADIUS Service > Policies, and select Create New.
- Enter the RADIUS policy name, description, and select the FortiGate RADIUS client.
- Optionally, configure RADIUS attribute criteria.
- Choose Password/OTP authentication as the authentication type.
- Choose a username format (in this example: username@realm), select the Local realm, and add the SMSgroup as a filter.
- Set the authentication method to Mandatory two-factor authentication.
- Click Save and Exit.