Authentication
Remote users must be authenticated before they can request services and/or access network resources through the web portal. The authentication process can use a password defined on the FortiGate unit or optionally use established external authentication mechanisms such as RADIUS or LDAP.
To authenticate users, you can use a plain text password on the local FortiGate unit, forward authentication requests to an external RADIUS, LDAP or TACACS+ server, or utilize PKI certificates.
For information about how to create RADIUS, LDAP, TACACS+ or PKI user accounts and certificates, see the Authentication chapter of The Handbook.
| FortiOS supports LDAP password renewal notification and updates through SSL VPN. Enable this configuration in the CLI as follows: config user ldap edit <username> set password-expiry-warning enable set password-renewal enable end For more information, see the Authentication chapter of The Handbook. |