Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ctanev1
Staff
Staff

Created on ‎10-13-2015 05:38 AM

Article Id 193535

Technical Note: How to Authenticate to FortiAP with certificate

Description
This article outlines the steps to authenticate to FortiAP with certificate.

Solution
The following steps can be used for a Windows RADIUS server (NPS) on Server 2008 OS.

1) Using the Windows CA, issue user certificates for users.
2) Install NPS roll on Windows server and add FortiGate unit as RADIUS client.
3) Configure network policy on NPS with EAP type as PEAP and select only "Smart Card or other certificate" for the EAP types as shown below.
 ctanev_FD37419_tn_FD37419_1_nps_policy.JPG
4) Configure RADIUS client on FortiGate unit with Windows server as the RADIUS server.
5) Configure SSID on FortiGate unit with Security Mode as "WPA2 Enterprise" and select RADIUS server.
6) Import CA certificate and User certificate on User device/computer.
7) Configure WIFI connection as shown in the following screenshot.
ctanev_FD37419_tn_FD37419_2_Client_Settings.JPG

When connecting to SSID, select the user certificate as imported in step 6.

9111
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.