Fortinet black logo

Administration Guide

Home FortiProxy 7.2.9 Administration Guide
7.2.9
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

Create or edit a RADIUS server

Create or edit a RADIUS server

To add a RADIUS server:

  1. In the RADIUS server list, select Create New from the toolbar. The New RADIUS Server window opens.

  2. Configure the following:

    Name

    Enter the name that is used to identify the RADIUS server on the FortiProxy unit.

    Primary Server IP/Name

    Enter the domain name or IP address of the primary RADIUS server.

    Primary Server Secret

    Enter the RADIUS server secret key for the primary RADIUS server. The primary server secret key length can be up to a maximum of 16 characters.

    For security reason, it is recommended that the server secret key be the maximum length.

    Test Connectivity

    Select Test Connectivity to test if the primary and secondary RADIUS servers can be contacted using the domain name or IP address and secret provided.

    Secondary Server IP/Name

    Enter the domain name or IP address of the secondary RADIUS server, if applicable.

    Secondary Server Secret

    Enter the RADIUS server secret key for the secondary RADIUS server. The secondary server secret key can be up to a maximum length of 16 characters.

    Authentication Method

    Select Default to authenticate with the default method.

    Select Specify to override the default authentication method and then select the protocol from the list: MSCHAP-v2, MS-CHAP, CHAP, or PAP.

    NAS IP

    Optionally, enter the NAS IP address (RADIUS Attribute 31, outlined in RFC 2548).

    In this configuration, the FortiProxy unit is the NAS, which is how the RADIUS server registers all valid servers that use its records.

    If you do not enter an IP address, the IP address that the Fortinet interface uses to communicate with the RADIUS server is applied.

    Include in every User Group

    Enable to have the RADIUS server automatically included in all user groups.

  3. Click OK to create the new RADIUS server.

To edit a RADIUS server:

  1. Select the RADIUS server you want to edit and then click Edit from the toolbar or double-click on the address in the address table. The Edit RADIUS Server window opens.

  2. Edit the server information as required and click OK to apply your changes.

Previous
Next

Create or edit a RADIUS server

To add a RADIUS server:

  1. In the RADIUS server list, select Create New from the toolbar. The New RADIUS Server window opens.

  2. Configure the following:

    Name

    Enter the name that is used to identify the RADIUS server on the FortiProxy unit.

    Primary Server IP/Name

    Enter the domain name or IP address of the primary RADIUS server.

    Primary Server Secret

    Enter the RADIUS server secret key for the primary RADIUS server. The primary server secret key length can be up to a maximum of 16 characters.

    For security reason, it is recommended that the server secret key be the maximum length.

    Test Connectivity

    Select Test Connectivity to test if the primary and secondary RADIUS servers can be contacted using the domain name or IP address and secret provided.

    Secondary Server IP/Name

    Enter the domain name or IP address of the secondary RADIUS server, if applicable.

    Secondary Server Secret

    Enter the RADIUS server secret key for the secondary RADIUS server. The secondary server secret key can be up to a maximum length of 16 characters.

    Authentication Method

    Select Default to authenticate with the default method.

    Select Specify to override the default authentication method and then select the protocol from the list: MSCHAP-v2, MS-CHAP, CHAP, or PAP.

    NAS IP

    Optionally, enter the NAS IP address (RADIUS Attribute 31, outlined in RFC 2548).

    In this configuration, the FortiProxy unit is the NAS, which is how the RADIUS server registers all valid servers that use its records.

    If you do not enter an IP address, the IP address that the Fortinet interface uses to communicate with the RADIUS server is applied.

    Include in every User Group

    Enable to have the RADIUS server automatically included in all user groups.

  3. Click OK to create the new RADIUS server.

To edit a RADIUS server:

  1. Select the RADIUS server you want to edit and then click Edit from the toolbar or double-click on the address in the address table. The Edit RADIUS Server window opens.

  2. Edit the server information as required and click OK to apply your changes.

Previous
Next