Creating a RADIUS-authenticated user account
To authenticate users using an external authentication server, you must first configure the FortiGate unit to access the server.
To configure the remote authentication server - web-based manager
1. Go to User & Device > Authentication > RADIUS Servers and select Create New.
2. Enter the following information and select OK:
Name | OurRADIUSsrv |
Primary Server Name/IP | 10.11.101.15 |
Primary Server Secret | OurSecret |
Authentication Scheme | Select Use Default Authentication Scheme. |
To configure the remote authentication server - CLI
config user radius
edit OurRADIUSsrv
set server 10.11.102.15
set secret OurSecret
set auth-type auto
end
Creation of the user account is similar to the locally-authenticated account, except that you specify the RADIUS authentication server instead of the user’s password.
To configure a remote user - web-based manager
1. Go to User & Device > User > User Definition and select Create New.
2. Follow the User Creation Wizard, entering the following information and then select Create:
User Type | Remote RADIUS User |
User Name | User2 |
RADIUS server | OurRADIUSsrv |
Email Address SMS | (optional) |
Enable | Select. |
To configure a remote user - CLI
config user local
edit User2
set name User2
set type radius
set radius-server OurRADIUSsrv
end