EasyManua.ls Logo

Fortinet Gate 60D - Directory Service

Fortinet Gate 60D
706 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
User Directory Service
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 579
http://docs.fortinet.com/Feedback
ASCII
Machine-independent technique that uses representations of English characters.
Requires user to type a user name and password that are sent in clear text
(unencrypted) and matched with an entry in the user database stored in ASCII format.
PAP (password authentication protocol)
Used to authenticate PPP connections. Transmits passwords and other user
information in clear text.
CHAP (challenge-handshake authentication protocol)
Provides the same functionality as PAP, but more secure as it does not send the
password and other user information over the network to the security server.
MS-CHAP (Microsoft challenge-handshake authentication protocol v1)
Microsoft-specific version of CHAP.
The default protocol configuration, Auto, uses PAP, MS-CHAP, and CHAP, in that order.
To add a new TACACS+ server, go to User > Remote > TACACS+, select Create New,
and enter or select the following:
Figure 383: TACACS+ server configuration
Directory Service
Windows Active Directory (AD) and Novell eDirectory provide central authentication
services by storing information about network resources across a domain (a logical group
of computers running versions of an operating system) in a central directory database.
Each person who uses computers within a domain receives his or her own unique
account/user name. This account can be assigned access to resources within the domain.
In a domain, the directory resides on computers that are configured as domain controllers.
A domain controller is a server that manages all security-related features that affect the
user/domain interactions, security centralization, and administrative functions.
Name Enter the name of the TACACS+ server.
Server Name/IP Enter the server domain name or IP address of the TACACS+ server.
Server Key Enter the key to access the TACACS+ server. The server key should be a
maximum of 16 characters in length.
Authentication Type Select the authentication type to use for the TACACS+ server. Selection
includes: Auto, ASCII, PAP, CHAP, and MSCHAP. Auto authenticates using
PAP, MSCHAP, and CHAP (in that order).

Table of Contents