Authentication Policies
FortiGuest allows user authentication via the internal user database or an external authentication server. For an authentication attempt against FortiGuest each server is tried in order against the relevant domain. If an external server rejects the authentication attempt then the user is rejected by FortiGuest. If a server does not respond the next server in the realm is tested.
With an external authentication server, the sponsors need not have another set of user names and passwords to authenticate. The existing server user credentials are used for authentication. It also enables the administrator to quickly roll out user access because there is no need to create and manage additional local sponsor accounts.
Navigate to Network Access Policies > Authentication Policies and click New. Enter a Name for the authentication policy and select the authentication Server Type. Based on the selected authentication server, update the subsequent settings/parameters to create an authentication policy. You can Clone the authentication policy to reuse configurations.
The external servers authenticate sponsors using their existing server credentials. It also enables the administrator to quickly roll out user access because there is no need to create and manage additional local sponsor accounts.