System Admin Administrators
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 273
http://docs.fortinet.com/ • Feedback
Configuring RADIUS authentication for administrators
Remote Authentication and Dial-in User Service (RADIUS) servers provide authentication,
authorization, and accounting functions. FortiGate units use the authentication and
authorization functions of the RADIUS server. To use the RADIUS server for
authentication, you must configure the server before you configure the FortiGate users or
user groups that will need it.
If you have configured RADIUS support and a user is required to authenticate using a
RADIUS server, the FortiGate unit sends the user’s credentials to the RADIUS server for
authentication. If the RADIUS server can authenticate the user, the user is successfully
authenticated with the FortiGate unit. If the RADIUS server cannot authenticate the user,
the FortiGate unit refuses the connection.
If you want to use a RADIUS server to authenticate administrators in your VDOM, you
must configure the authentication before you create the administrator accounts. To do this
you need to:
• configure the FortiGate unit to access the RADIUS server
• create a user group with the RADIUS server as its only member.
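One way to check this requirement offline against a configuration backup, as an added example that is not from the Fortinet guide: it flags administrator accounts whose remote authentication group is not made up of exactly one configured RADIUS server. The sample config is constructed, and the block and keyword names (config user radius, set member under config user group, set remote-group under config system admin) are assumed CLI syntax, so confirm them against a backup from your own firmware version.

```python
import shlex
# Constructed sample backup; block and keyword names are assumed FortiOS CLI syntax.
SAMPLE_CONFIG = '''
config user radius
    edit "corp-radius"
        set server "192.0.2.10"
    next
end
config user group
    edit "radius-admins"
        set member "corp-radius"
    next
    edit "mixed-admins"
        set member "corp-radius" "localuser1"
    next
end
config system admin
    edit "alice"
        set remote-group "radius-admins"
    next
    edit "bob"
        set remote-group "mixed-admins"
    next
end
'''

def parse_blocks(text):
    """Parse flat config/edit/set blocks into {section: {entry: {key: [values]}}}."""
    tree, section, entry = {}, None, None
    for words in filter(None, map(shlex.split, text.splitlines())):
        if words[0] == "config":
            section = tree.setdefault(" ".join(words[1:]), {})
        elif words[0] == "edit" and section is not None:
            entry = section.setdefault(words[1], {})
        elif words[0] == "set" and entry is not None:
            entry[words[1]] = words[2:]
        elif words[0] in ("next", "end"):
            entry = None
    return tree

def audit_admins(text):
    """Return (admin, group, members) where the group is not RADIUS-server-only."""
    cfg = parse_blocks(text)
    servers, groups = cfg.get("user radius", {}), cfg.get("user group", {})
    findings = []
    for admin, opts in cfg.get("system admin", {}).items():
        for group in opts.get("remote-group", []):
            members = groups.get(group, {}).get("member", [])
            if len(members) != 1 or members[0] not in servers:
                findings.append((admin, group, members))
    return findings
```

Run `audit_admins()` on the text of a backup file; an empty list means every administrator with a remote group points at a group whose single member is a defined RADIUS server.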
The following instructions assume that there is a RADIUS server on your network
populated with the names and passwords of your administrators. For information on how
to set up a RADIUS server, see the documentation for your RADIUS server.
To view the RADIUS server list, go to User > Remote > RADIUS.
Figure 123: Example RADIUS server list
Create New       Add a new RADIUS server.
Name             The name that identifies the RADIUS server on the FortiGate unit.
Server Name/IP   The domain name or IP address of the RADIUS server.
Delete icon      Delete a RADIUS server configuration.
                 You cannot delete a RADIUS server that has been added to a user group.
Edit icon        Edit a RADIUS server configuration.
To configure the FortiGate unit to access the RADIUS server
1 Go to User > Remote > RADIUS.
2 Select Create New, or select the Edit icon beside an existing RADIUS server.
3 Enter a name that identifies the RADIUS server. Use this name when you create the
user group.
Note: Access to the FortiGate unit depends on the VDOM associated with the administrator
account.