Fortinet black logo

RADIUS Servers

Copy Link
Copy Doc ID e09daf98-5af9-11e9-81a4-00505692583a:822225
Download PDF

RADIUS Servers

The FortiDeceptor system supports remote authentication of administrators using RADIUS servers. To use this feature, you must configure the appropriate server entries in the FortiDeceptor unit for each authentication server in your network.

If you have configured RADIUS support and require a user to authenticate using a RADIUS server, the FortiDeceptor unit contacts the RADIUS server for authentication. To authenticate with the FortiDeceptor unit, the user enters a user name and password. The FortiDeceptor unit sends this user name and password to the RADIUS server. If the RADIUS server can authenticate the user, the FortiDeceptor unit successfully authenticates the user. If the RADIUS server cannot authenticate the user, the FortiDeceptor unit refuses the connection.

The following options are available:

Create New

Select to add a RADIUS server.

Edit

Select a RADIUS server in the list and select Edit in the toolbar to edit the entry.

Delete

Select a RADIUS server in the list and select Delete in the toolbar to delete the entry.

The following information is displayed:

Name

The RADIUS server name.

Primary Address

The primary server IP address.

Secondary Address

The secondary server IP address.

Port

The port used for RADIUS traffic. The default port is 1812.

Auth Type

The authentication type the RADIUS server requires. The default setting of ANY has the FortiDeceptor try all the authentication types. Select one of: ANY, PAP, CHAP, or MSv2.

To add a RADIUS server:
  1. Go to System > RADIUS Servers.
  2. Select + Create New from the toolbar.
  3. Configure the following settings:

    Name

    Enter a name to identify the RADIUS server. The name should be unique to FortiDeceptor.

    Primary Server Name/IP

    Enter the IP address or fully qualified domain name of the primary RADIUS server.

    Secondary Server Name/IP

    Enter the IP address or fully qualified domain name of the secondary RADIUS server.

    Port

    Enter the port for RADIUS traffic. The default port is 1812.

    Auth Type

    Enter the authentication type the RADIUS server requires. The default setting of ANY has the FortiDeceptor try all the authentication types. Select one of: ANY, PAP, CHAP, or MSv2.

    Primary Secret

    Enter the primary RADIUS server secret.

    Secondary Secret

    Enter the secondary RADIUS server secret.

    NAS IP

    Enter the NAS IP address.

  4. Select OK to add the RADIUS server.

RADIUS Servers

The FortiDeceptor system supports remote authentication of administrators using RADIUS servers. To use this feature, you must configure the appropriate server entries in the FortiDeceptor unit for each authentication server in your network.

If you have configured RADIUS support and require a user to authenticate using a RADIUS server, the FortiDeceptor unit contacts the RADIUS server for authentication. To authenticate with the FortiDeceptor unit, the user enters a user name and password. The FortiDeceptor unit sends this user name and password to the RADIUS server. If the RADIUS server can authenticate the user, the FortiDeceptor unit successfully authenticates the user. If the RADIUS server cannot authenticate the user, the FortiDeceptor unit refuses the connection.

The following options are available:

Create New

Select to add a RADIUS server.

Edit

Select a RADIUS server in the list and select Edit in the toolbar to edit the entry.

Delete

Select a RADIUS server in the list and select Delete in the toolbar to delete the entry.

The following information is displayed:

Name

The RADIUS server name.

Primary Address

The primary server IP address.

Secondary Address

The secondary server IP address.

Port

The port used for RADIUS traffic. The default port is 1812.

Auth Type

The authentication type the RADIUS server requires. The default setting of ANY has the FortiDeceptor try all the authentication types. Select one of: ANY, PAP, CHAP, or MSv2.

To add a RADIUS server:
  1. Go to System > RADIUS Servers.
  2. Select + Create New from the toolbar.
  3. Configure the following settings:

    Name

    Enter a name to identify the RADIUS server. The name should be unique to FortiDeceptor.

    Primary Server Name/IP

    Enter the IP address or fully qualified domain name of the primary RADIUS server.

    Secondary Server Name/IP

    Enter the IP address or fully qualified domain name of the secondary RADIUS server.

    Port

    Enter the port for RADIUS traffic. The default port is 1812.

    Auth Type

    Enter the authentication type the RADIUS server requires. The default setting of ANY has the FortiDeceptor try all the authentication types. Select one of: ANY, PAP, CHAP, or MSv2.

    Primary Secret

    Enter the primary RADIUS server secret.

    Secondary Secret

    Enter the secondary RADIUS server secret.

    NAS IP

    Enter the NAS IP address.

  4. Select OK to add the RADIUS server.