Authentication Groups

You need to add authentication groups to support authentication and secure tunneling between WAN optimization peers.

To perform authentication, WAN optimization peers use a certificate or a pre-shared key added to an authentication group, so they can identify each other before forming a WAN optimization tunnel. Both peers must have an authentication group with the same name and settings. The authentication group is added to a peer-to-peer or active rule on the client-side FortiProxy unit. When the server-side FortiProxy unit receives a tunnel start request that includes an authentication group from the client-side unit, the server-side unit finds an authentication group in its configuration with the same name. If both authentication groups have the same certificate or pre-shared key, the peers can authenticate and set up the tunnel.

Go to WAN Optimization > Authentication to manage the authentication groups.

Hover over the leftmost edge of the column heading to display the Configure Table icon, which you can use to select the columns to display or to reset all the columns to their default settings. You can also drag column headings to change their order.

The following options are available:

Create New	Create an authentication group. See Create or edit an authentication group.
Edit	Edit an authentication group. See Create or edit an authentication group.
Delete	Delete an authentication group or groups.
Search	Enter a search term to search for in the group list.
Name	The name of the authentication group.
Authentication Method	The authentication used by the group, either Certificate or Pre-shared key.
Peer(s)	The peer or peers in the authentication group.
Ref.	Displays the number of times the object is referenced to other objects. To view the location of the referenced object, select the number in Ref.; the Object Usage window opens and displays the various locations of the referenced object.