Fortinet black logo

Administration Guide

Home FortiProxy 7.2.0 Administration Guide
7.2.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Create or edit an authentication group

Create or edit an authentication group

To create an authentication group:

  1. Go to WAN Optimization > Authentication.

  2. Select Create New from the toolbar.

    The New Authentication Group window opens.

  3. Enter the following information:

    Name

    Enter a name for the authentication group.

    Authentication Method

    Select the authentication method to use.

    • Certificate: Use a certificate to authenticate and encrypt WAN optimization tunnels. Then select a local certificate that has been added to this FortiProxy unit from the drop-down list.

    • Pre-shared Key: Use a pre-shared key or password to authenticate and encrypt WAN optimization tunnels. Then enter the password (or pre-shared key) in the Password field.

    Other FortiProxy units that participate in WAN optimization tunnels with this unit must have an authentication group with the same name and password. The password must contain at least 6 printable characters and should be known only by network administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 alphanumeric characters.

    Certificate

    Select a local certificate from the drop-down list.

    Pre-shared Key

    Enter the pre-shared key.

    Accept Peer(s)

    Select the peer acceptance method for the authentication group.

    • Any: If you do not know the peer host IDs or IP addresses of the peers that will use this authentication group.

      This setting is most often used for WAN optimization with FortiProxy units that do not have static IP addresses, such as units that use DHCP.

    • Defined Only: Authenticate with peers that have added to the peer list only.

    • Specify: Select a peer from the drop-down list to authenticate with the selected peer only. Select Create New from the drop-down list to create a peer; see Create or edit a WAN optimization peer.

  4. Click OK to create the new authentication group.

    The authentication group can now be added to WAN optimization profiles to apply the authentication settings in the authentication group to the profile. See Create or edit a WAN optimization profile.

To edit an authentication group:

  1. Go to WAN Optimization > Authentication.

  2. Select the group you want to edit and then click Edit from the toolbar or double-click on the group in the authentication group list.

    The Edit Authentication Group window opens.

  3. Edit the group information as required and click OK to apply your changes.

To delete an authentication group or groups:

  1. Go to WAN Optimization > Authentication.

  2. Select the group or groups that you want to delete.

  3. Click Delete from the toolbar.

  4. Click OK in the confirmation dialog box to delete the selected group or groups.

Previous
Next

Create or edit an authentication group

To create an authentication group:

  1. Go to WAN Optimization > Authentication.

  2. Select Create New from the toolbar.

    The New Authentication Group window opens.

  3. Enter the following information:

    Name

    Enter a name for the authentication group.

    Authentication Method

    Select the authentication method to use.

    • Certificate: Use a certificate to authenticate and encrypt WAN optimization tunnels. Then select a local certificate that has been added to this FortiProxy unit from the drop-down list.

    • Pre-shared Key: Use a pre-shared key or password to authenticate and encrypt WAN optimization tunnels. Then enter the password (or pre-shared key) in the Password field.

    Other FortiProxy units that participate in WAN optimization tunnels with this unit must have an authentication group with the same name and password. The password must contain at least 6 printable characters and should be known only by network administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 alphanumeric characters.

    Certificate

    Select a local certificate from the drop-down list.

    Pre-shared Key

    Enter the pre-shared key.

    Accept Peer(s)

    Select the peer acceptance method for the authentication group.

    • Any: If you do not know the peer host IDs or IP addresses of the peers that will use this authentication group.

      This setting is most often used for WAN optimization with FortiProxy units that do not have static IP addresses, such as units that use DHCP.

    • Defined Only: Authenticate with peers that have added to the peer list only.

    • Specify: Select a peer from the drop-down list to authenticate with the selected peer only. Select Create New from the drop-down list to create a peer; see Create or edit a WAN optimization peer.

  4. Click OK to create the new authentication group.

    The authentication group can now be added to WAN optimization profiles to apply the authentication settings in the authentication group to the profile. See Create or edit a WAN optimization profile.

To edit an authentication group:

  1. Go to WAN Optimization > Authentication.

  2. Select the group you want to edit and then click Edit from the toolbar or double-click on the group in the authentication group list.

    The Edit Authentication Group window opens.

  3. Edit the group information as required and click OK to apply your changes.

To delete an authentication group or groups:

  1. Go to WAN Optimization > Authentication.

  2. Select the group or groups that you want to delete.

  3. Click Delete from the toolbar.

  4. Click OK in the confirmation dialog box to delete the selected group or groups.

Previous
Next