Fortinet black logo

Cookbook

Home FortiAuthenticator 6.2.0 Cookbook

Creating the RADIUS client and policy on the FortiAuthenticator

6.2.0
6.5.0
6.4.0
6.3.0
6.2.0
6.1.0
6.0.0
5.5.0
Copy Link
Copy Doc ID 502fabff-dbf1-11ea-96b9-00505692583a:346192
Download PDF

Creating the RADIUS client and policy on the FortiAuthenticator

To create the RADIUS client:
  1. On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New to add the FortiGate as a RADIUS client.
  2. Enter a Name (OfficeServer), the IP address of the FortiGate, and set a Secret.
    The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.
  3. Click OK.

To create the RADIUS policy:
  1. Go to Authentication > RADIUS Service > Policies, and select Create New.
  2. Enter the RADIUS policy name, description, and select the FortiGate RADIUS client.
  3. Optionally, configure RADIUS attribute criteria.
  4. Choose Password/OTP authentication as the authentication type.
  5. Choose a username format (in this example: username@realm), and select the Local realm.
  6. Set the authentication method to Mandatory two-factor authentication, and enable the Allow FortiToken Mobile push notifications option.
  7. Click Save and Exit.

Note

Note the Username input format. This is the format that the user must use to enter their username in the web portal, made up of their username and realm. In this example, the full username for gthreepwood is gthreepwood@local.
Previous
Next

Creating the RADIUS client and policy on the FortiAuthenticator

To create the RADIUS client:
  1. On the FortiAuthenticator, go to Authentication > RADIUS Service > Clients, and select Create New to add the FortiGate as a RADIUS client.
  2. Enter a Name (OfficeServer), the IP address of the FortiGate, and set a Secret.
    The secret is a pre-shared secure password that the FortiGate will use to authenticate to the FortiAuthenticator.
  3. Click OK.

To create the RADIUS policy:
  1. Go to Authentication > RADIUS Service > Policies, and select Create New.
  2. Enter the RADIUS policy name, description, and select the FortiGate RADIUS client.
  3. Optionally, configure RADIUS attribute criteria.
  4. Choose Password/OTP authentication as the authentication type.
  5. Choose a username format (in this example: username@realm), and select the Local realm.
  6. Set the authentication method to Mandatory two-factor authentication, and enable the Allow FortiToken Mobile push notifications option.
  7. Click Save and Exit.

Note

Note the Username input format. This is the format that the user must use to enter their username in the web portal, made up of their username and realm. In this example, the full username for gthreepwood is gthreepwood@local.
Previous
Next