Administrators System Admin
FortiGate Version 4.0 Administration Guide
214 01-400-89802-20090424
http://docs.fortinet.com/ • Feedback
Configuring regular (password) authentication for administrators
You can use a password stored on the local FortiGate unit to authenticate an
administrator.
To configure an administrator to authenticate with a password stored on the
FortiGate unit
1 Go to System > Admin.
2 Select Create New, or select the Edit icon beside an existing administrator.
3 Enter the following information:
4 Configure additional features as required. For more information, see “Configuring an
administrator account” on page 212.
5 Select OK.
When you select Type > Regular, you will see Local as the entry in the Type column when
you view the list of administrators. For more information, see “Viewing the administrators
list” on page 211.
Configuring remote authentication for administrators
You can authenticate administrators using RADIUS, LDAP, or TACACS+ servers. In order
to do this, you must configure the server, include the server as a user in a user group, and
create the administrator account to include in the user group.
Configuring RADIUS authentication for administrators
Remote Authentication and Dial-in User Service (RADIUS) servers provide authentication,
authorization, and accounting functions. FortiGate units use the authentication and
authorization functions of the RADIUS server. To use the RADIUS server for
authentication, you must configure the server before you configure the FortiGate users or
user groups that will need it.
If you have configured RADIUS support and a user is required to authenticate using a
RADIUS server, the FortiGate unit sends the user’s credentials to the RADIUS server for
authentication. If the RADIUS server can authenticate the user, the user is successfully
authenticated with the FortiGate unit. If the RADIUS server cannot authenticate the user,
the FortiGate unit refuses the connection.
If you want to use a RADIUS server to authenticate administrators in your VDOM, you
must configure the authentication before you create the administrator accounts. To do this
you need to:
• configure the FortiGate unit to access the RADIUS server
• create a user group with the RADIUS server as its only member.
Administrator A name for the administrator.
Type Regular.
Password A password for the administrator to use to authenticate.
Confirm
Password
The password entered in Password.
Admin Profile The admin profile to apply to the administrator.
Note: If you forget or lose an administrator account password and cannot log in to your
FortiGate unit, see the Fortinet Knowledge Center article Recovering lost administrator
account passwords.
To Next Page
Loading...