Fortinet white logo
Fortinet white logo

Administration Guide

Configuring FortiManager

Configuring FortiManager

On the FortiManager, you need to configure the RADIUS server and create an administrator that uses the RADIUS server for authentication.

To configure the RADIUS server:
  1. Go to System Settings > Admin > Remote Authentication Server.
  2. Click Create New > RADIUS Server in the toolbar.
  3. Configure the following settings, then click OK.

    Name

    Enter a name to identify the FortiAuthenticator.

    Server Name/IP

    Enter the IP address or fully qualified domain name of your FortiAuthenticator.

    Port

    Enter the port for FortiAuthenticator traffic.

    Server Secret

    Enter the FortiAuthenticator secret.

    Secondary Server Name/IP

    Enter the IP address or fully qualified domain name of the secondary FortiAuthenticator, if applicable.

    Secondary Server Secret

    Enter the secondary FortiAuthenticator secret, if applicable.

    Authentication Type

    Select the authentication type the FortiAuthenticator requires. If you select the default ANY, FortiManager tries all authentication types.

    Note: RADIUS server authentication for local administrator users stored in FortiAuthenticator requires the PAP authentication type.

To create the administrator:
  1. Go to System Settings > Admin > Administrator.
  2. Click Create New from the toolbar.
  3. Configure the settings, selecting the previously added RADIUS server from the RADIUS Server dropdown list. See Creating administrators.
  4. Click OK to save the settings.
To test the configuration:
  1. Attempt to log in to the FortiManager GUI with your new credentials.
  2. Enter your user name and password and click Login.
  3. Enter your FortiToken pin code and click Submit to log in to the FortiManager.

Configuring FortiManager

Configuring FortiManager

On the FortiManager, you need to configure the RADIUS server and create an administrator that uses the RADIUS server for authentication.

To configure the RADIUS server:
  1. Go to System Settings > Admin > Remote Authentication Server.
  2. Click Create New > RADIUS Server in the toolbar.
  3. Configure the following settings, then click OK.

    Name

    Enter a name to identify the FortiAuthenticator.

    Server Name/IP

    Enter the IP address or fully qualified domain name of your FortiAuthenticator.

    Port

    Enter the port for FortiAuthenticator traffic.

    Server Secret

    Enter the FortiAuthenticator secret.

    Secondary Server Name/IP

    Enter the IP address or fully qualified domain name of the secondary FortiAuthenticator, if applicable.

    Secondary Server Secret

    Enter the secondary FortiAuthenticator secret, if applicable.

    Authentication Type

    Select the authentication type the FortiAuthenticator requires. If you select the default ANY, FortiManager tries all authentication types.

    Note: RADIUS server authentication for local administrator users stored in FortiAuthenticator requires the PAP authentication type.

To create the administrator:
  1. Go to System Settings > Admin > Administrator.
  2. Click Create New from the toolbar.
  3. Configure the settings, selecting the previously added RADIUS server from the RADIUS Server dropdown list. See Creating administrators.
  4. Click OK to save the settings.
To test the configuration:
  1. Attempt to log in to the FortiManager GUI with your new credentials.
  2. Enter your user name and password and click Login.
  3. Enter your FortiToken pin code and click Submit to log in to the FortiManager.