Fortinet black logo

Cookbook

Configure RADIUS settings on FortiAuthenticator

Copy Link
Copy Doc ID 502fabff-dbf1-11ea-96b9-00505692583a:559319
Download PDF

Configure RADIUS settings on FortiAuthenticator

To create a RADIUS service policy:
  1. Go to Authentication > RADIUS Service > Policies, and click Create New.
  2. Under RADIUS clients, set the following and then click Next:
    1. Policy Name: Enter a name for the policy, for example EAP-TLS Policy Azure.
    2. Description: Enter an optional description, for example EAP-TLS Policy for User Authentication.
    3. RADIUS Clients: Add the FortiGate to the Chosen RADIUS Clients section.
  3. Under RADIUS attribute criteria, click Next without making changes.
  4. Under Authentication type, select Client Certificates (EAP-TLS), and click Next.
  5. Under Identity source, set the following and then click Next:
    1. Username format: Select your preferred format, for example username@realm.
    2. Realms: Select the realm that you set up to communicate with Azure, for example fortixpert.com.
  6. Under Authentication factors, click Next without making changes.
  7. Under RADIUS response, validate that the EAP-TLS response is as expected, and click Save and exit.

Configure RADIUS settings on FortiAuthenticator

To create a RADIUS service policy:
  1. Go to Authentication > RADIUS Service > Policies, and click Create New.
  2. Under RADIUS clients, set the following and then click Next:
    1. Policy Name: Enter a name for the policy, for example EAP-TLS Policy Azure.
    2. Description: Enter an optional description, for example EAP-TLS Policy for User Authentication.
    3. RADIUS Clients: Add the FortiGate to the Chosen RADIUS Clients section.
  3. Under RADIUS attribute criteria, click Next without making changes.
  4. Under Authentication type, select Client Certificates (EAP-TLS), and click Next.
  5. Under Identity source, set the following and then click Next:
    1. Username format: Select your preferred format, for example username@realm.
    2. Realms: Select the realm that you set up to communicate with Azure, for example fortixpert.com.
  6. Under Authentication factors, click Next without making changes.
  7. Under RADIUS response, validate that the EAP-TLS response is as expected, and click Save and exit.