FortiGate User Authentication Version 1 Guide
01-28007-0233-20050825
Authentication servers
To configure the FortiGate unit, you need to know the server’s domain name or IP
address and its shared secret key.
To configure the FortiGate unit for RADIUS authentication - web-based manager
1 Go to User > RADIUS.
2 Select Create New to add a new RADIUS server or select the Edit icon to edit an existing configuration.
3 Enter the Name of the RADIUS server.
4 Enter the domain name or IP address of the RADIUS server.
5 Enter the RADIUS server secret.
6 Select OK.
To configure the FortiGate unit for RADIUS authentication - CLI
config user radius
    edit <name>
        set secret <password>
        set server <ip_address>
end
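The following Python script is an added example, not part of the guide: it parses config user radius blocks from saved configuration text in the syntax shown above and reports entries that have no secret or whose server value is not a valid IP address or domain name. The sample configuration, its entry names and values, and the next separator between entries are assumptions made for the illustration.

```python
import ipaddress
import re
# Constructed sample in the CLI syntax shown above; every name and value is made up.
SAMPLE = """config user radius
edit branch_radius
set secret Example-Secret-1
set server 192.0.2.10
next
edit hq_radius
set server radius.example.com
next
edit lab_radius
set secret Example-Secret-2
set server 300.1.1.1
end
"""
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def valid_server(value):  # IP address or syntactically valid domain name
    try:
        return ipaddress.ip_address(value) is not None
    except ValueError:
        labels = value.rstrip(".").split(".")
        return all(map(LABEL.match, labels)) and not labels[-1].isdigit()

def parse_radius(text):  # -> {name: {setting: value}}; 'next' lines are ignored
    servers, current, in_block = {}, None, False
    for words in (line.split() for line in text.splitlines() if line.strip()):
        if words[:3] == ["config", "user", "radius"]:
            in_block = True
        elif in_block and words[0] == "end":
            in_block, current = False, None
        elif in_block and words[0] == "edit" and len(words) > 1:
            current = servers.setdefault(words[1].strip('"'), {})
        elif current is not None and words[0] == "set" and len(words) > 2:
            current[words[1]] = " ".join(words[2:]).strip('"')
    return servers

def audit(servers):  # (name, problem) pairs; the secret itself is never reported
    findings = []
    for name, cfg in servers.items():
        if not cfg.get("secret"):
            findings.append((name, "no shared secret set"))
        if not valid_server(cfg.get("server", "")):
            findings.append((name, "server missing or not an IP/domain name"))
    return findings

if __name__ == "__main__":
    print(*audit(parse_radius(SAMPLE)), sep="\n")
```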
To remove a RADIUS server from the FortiGate unit configuration
You cannot remove a RADIUS server that belongs to a user group. Remove it
from the user group first.
1 Go to User > RADIUS.
2 Select the Delete icon beside the RADIUS server name that you want to remove.
3 Select OK.
To remove a RADIUS server from the FortiGate unit configuration - CLI
config user radius
    delete <name>
end
LDAP Servers
Lightweight Directory Access Protocol (LDAP) is an Internet protocol used to
maintain databases of user names, passwords, email addresses and other
information.
The scale of LDAP servers ranges from big public servers such as BigFoot and
Infospace to large organizational servers at universities and corporations to small
LDAP servers for workgroups. This document focuses on the institutional and
workgroup applications of LDAP.
The FortiGate unit supports LDAP protocol functionality as defined in RFC 2251
for looking up and validating user names and passwords. FortiGate LDAP
supports all LDAP servers compliant with LDAP v3.