Created on 08-16-2019 07:14 AM Edited on 01-31-2024 06:16 AM By Jean-Philippe_P
Description
This article shows an example to setup Free Radius authentication for FortiWAN login
Solution
(1) Topology
FortiWAN 10.1.212.121 <------> 10.1.212.111 Free Radius
(2) FortiWAN setup
Secret : 1234
(3) Free Radius Setup
User/passwd, xxx/xxx
/usr/share/freeradius/dictionary.fortinet
#
# Fortinet's VSA's
#
VENDOR Fortinet 12356
BEGIN-VENDOR Fortinet
ATTRIBUTE Fortinet-Group-Name 1 string
ATTRIBUTE Fortinet-Client-IP-Address 2 ipaddr
ATTRIBUTE Fortinet-Vdom-Name 3 string
ATTRIBUTE Fortinet-Client-IPv6-Address 4 octets
ATTRIBUTE Fortinet-Interface-Name 5 string
ATTRIBUTE Fortinet-Access-Profile 6 string
ATTRIBUTE Fortinet-FWN-AVPair 26 string
#
# Integer Translations
#
END-VENDOR Fortinet
[\etc\freeradius\users]
xxx Cleartext-Password := "xxx"
Fortinet-FWN-AVPair := "user-group=Administrator"
[\etc\freeradius\clients.conf]
client 10.1.212.24 {
ipaddr = 10.1.212.24
secret = 1234
}Result: After input xxx/xxx into FortiWAN GUI, user will login as Administrator
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.