Chapter 3 Authentication for FortiOS 5.0 : Examples and Troubleshooting : RADIUS SSO example : Configuring FortiGate interfaces
  
Configuring FortiGate interfaces
Before configuring the RADIUS SSO security policy, configure FortiGate interfaces. This includes defining a DHCP server for the internal network as this type of network typically uses DHCP. The wan1 and dmz interfaces are assigned static IP addresses and do not need a DHCP server.
 
Table 28: FortiGate interfaces used in this example
Interface
Subnet
Act as DHCP Server
Devices
wan1
172.20.120.141
No
Internet Service Provider
dmz
10.11.101.100
No
Servers, including RADIUS server
internal
10.11.102.100
Yes: x.x.x.110-.250
Internal user network
To configure FortiGate interfaces - web-based manager
1. Go to System > Network > Interfaces.
2. Select wan1 to edit.
3. Enter the following information and select OK.
Alias
Internet
Addressing Mode
Manual
  IP/Network Mask
172.20.120.141/255.255.255.0
Administrative Access
HTTPS, SSH
Enable DHCP Server
Not selected
Comments
Internet
Administrative Status
Up
4. Select dmz to edit.
5. Enter the following information and select OK.
Alias
Servers
Addressing Mode
Manual
  IP/Network Mask
10.11.101.100/255.255.255.0
Administrative Access
HTTPS, SSH, PING, SNMP
Enable DHCP Server
Not selected
Listen for RADIUS Accounting Messages
Select
Comments
Servers
Administrative Status
Up
6. Select internal to edit.
7. Enter the following information and select OK.
Alias
Internal network
Addressing Mode
Manual
  IP/Network Mask
10.11.102.100/255.255.255.0
Administrative Access
HTTPS, SSH, PING
Enable DHCP Server
Select
Address Range
10.11.102.110 - 10.11.102.250
Netmask
255.255.255.0
Default Gateway
Same as Interface IP
DNS Server
Same as System DNS
Comments
Internal network
Administrative Status
Up