FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903 651
http://docs.fortinet.com/
User
This section explains how to set up user accounts, user groups, and external
authentication servers. You can use these components of user authentication to control
access to network resources.
If you enable virtual domains (VDOMs) on the FortiGate unit, user authentication is
configured separately for each virtual domain. For details, see “Using virtual domains” on
page 159.
This section describes:
• Getting started - User authentication
• Local user accounts
• Remote
• RADIUS
• LDAP
• TACACS+
• PKI
• Directory Service
• User Group
• Options
• Monitor
• NAC quarantine and the Banned User list
Getting started - User authentication
FortiGate authentication controls access by user group, but you need to complete one or
more of the following tasks prior to configuring the user groups.
• Configure local user accounts. For each user, you can choose whether the password is
verified by the FortiGate unit, by a RADIUS server, by an LDAP server, or by a
TACACS+ server. For more information, see “Local user accounts” on page 652.
• Configure IM user profiles. For IM users, you can configure user lists that either allow
or block use of network resources. For more information, see “IM user
monitor list” on page 677.
• Configure your FortiGate unit to authenticate users by using your RADIUS, LDAP, or
TACACS+ servers. For more information, see “RADIUS” on page 655, “LDAP” on
page 657, and “TACACS+” on page 661.
• Configure access to the FortiGate unit if you use a Directory Service server for
authentication. For more information, see “Configuring a Directory Service server” on
page 663.
• Configure certificate-based authentication for administrative access (HTTPS
web-based manager), IPSec, SSL-VPN, and web-based firewall authentication. For more
information, see “PKI” on page 664.