Creating a RADIUS-authenticated user account

Chapter 3 Authentication for FortiOS 5.0 : Examples and Troubleshooting : Firewall authentication example : Creating a RADIUS-authenticated user account

To authenticate users using an external authentication server, you must first configure the FortiGate unit to access the server.

To configure the remote authentication server - web-based manager

1. Go to User & Device > Authentication > RADIUS Servers and select Create New.

2. Enter the following information and select OK:


Name	OurRADIUSsrv
Primary Server Name/IP	10.11.101.15
Primary Server Secret	OurSecret
Authentication Scheme	Select Use Default Authentication Scheme.

To configure the remote authentication server - CLI

config user radius

edit OurRADIUSsrv

set server 10.11.102.15

set secret OurSecret

set auth-type auto

end

Creation of the user account is similar to the locally-authenticated account, except that you specify the RADIUS authentication server instead of the user’s password.

To configure a remote user - web-based manager

1. Go to User & Device > User > User Definition and select Create New.

2. Enter the following information and select OK:


User Name	User2
Match user on RADIUS server	Select this option and then select OurRADIUSsrv from the list.

To configure a remote user - CLI

config user local

edit User2

set name User2

set type radius

set radius-server OurRADIUSsrv

end