Setting name | Description | |
Profile name | Type a name (such as RADIUS-query) that can be referenced by other parts of the configuration. Do not use spaces or special characters. The maximum length is 35 characters. | |
Server name/IP | Type the fully qualified domain name (FQDN) or IP address of the RADIUS server that will be queried when an account referencing this profile attempts to authenticate. | |
Server port | Type the port number on which the authentication server listens for queries. The IANA standard port number for RADIUS is 1812. | |
Protocol | Select which authentication method is used by the RADIUS server: • Password Authentication • Challenge Handshake Authentication (CHAP) • Microsoft Challenge Handshake Authentication (CHAP) • Microsoft Challenge Handshake Authentication V2 (CHAP version 2) • Default Authentication Scheme | |
NAS IP/Called station ID | Type the NAS IP address or Called Station ID (for more information about RADIUS Attribute 31, see RFC 2548 Microsoft Vendor-specific RADIUS Attributes). If you do not enter an IP address, the IP address of the FortiRecorder network interface used to communicate with the RADIUS server will be applied. | |
Server secret | Type the secret required by the RADIUS server. It must be the same as the secret that is configured on the RADIUS server. | |
Server requires domain | Enable if the authentication server requires that users authenticate using their full email address (such as user1@example.com) and not just the user name (such as user1). | |