RADIUS server
Remote Authentication Dial-in User (RADIUS) is a user authentication and network-usage accounting system. When users connect to a server they enter a user name and password. This information is passed to a RADIUS server, which authenticates the user and authorizes access to the network.
You can create or edit RADIUS server entries in the RADIUS server list to support authentication of administrators. When an administrator account’s type is set to RADIUS, the FortiAnalyzer unit uses the RADIUS server to verify the administrator password at logon. The password is not stored on the FortiAnalyzer unit.
To add a RADIUS server configuration:
1. Go to System Settings > Admin > Remote Auth Server.
2. Select the Create New in the toolbar and select RADIUS in the drop-down list.
The New RADIUS Server dialog box appears.
3. Configure the following settings:
Name | Enter a name to identify the RADIUS server. |
Server Name/IP | Enter the IP address or fully qualified domain name of the RADIUS server. |
Server Secret | Enter the RADIUS server secret. |
Secondary Server Name/IP | Enter the IP address or fully qualified domain name of the secondary RADIUS server. |
Secondary Server Secret | Enter the secondary RADIUS server secret. |
Port | Enter the port for RADIUS traffic. The default port is 1812. Some RADIUS servers use port 1645. |
Auth-Type | Enter the authentication type the RADIUS server requires. Select from ANY, PAP, CHAP, or MSv2 (MSCHAPv2). The default setting of ANY has the FortiAnalyzer unit try all the authentication types. |
4. Select OK to save the new RADIUS server configuration.
