Help
FortiWAN
FortiWAN is a Link Load Balancing, Multi-Homing and Tunnel Routing system.
tonylin1
Staff
Staff

Created on ‎08-16-2019 07:14 AM Edited on ‎01-31-2024 06:16 AM By Moderator

Article Id 195298

Technical Tip: How to setup RADIUS authentication for FortiWAN login by using Free Radius

Description
This article shows an example to setup Free Radius authentication for FortiWAN login

Solution
(1)    Topology
FortiWAN 10.1.212.121 <------> 10.1.212.111 Free Radius

(2)    FortiWAN setup

Secret : 1234

(3)    Free Radius Setup
User/passwd, xxx/xxx

/usr/share/freeradius/dictionary.fortinet 
# 
# Fortinet's VSA's 
# 

VENDOR Fortinet 12356 

BEGIN-VENDOR Fortinet 
ATTRIBUTE Fortinet-Group-Name 1 string 
ATTRIBUTE Fortinet-Client-IP-Address 2 ipaddr 
ATTRIBUTE Fortinet-Vdom-Name 3 string 
ATTRIBUTE Fortinet-Client-IPv6-Address 4 octets 
ATTRIBUTE Fortinet-Interface-Name 5 string 
ATTRIBUTE Fortinet-Access-Profile 6 string 
ATTRIBUTE Fortinet-FWN-AVPair 26 string 

# 
# Integer Translations 
# 

END-VENDOR Fortinet 

 

[\etc\freeradius\users] 
xxx Cleartext-Password := "xxx" 
Fortinet-FWN-AVPair := "user-group=Administrator" 

 

[\etc\freeradius\clients.conf] 
client 10.1.212.24 { 
ipaddr = 10.1.212.24 
secret = 1234 
} 

 

Result: After input xxx/xxx into FortiWAN GUI, user will login as Administrator

 

1465
0 Kudos
Submit Article Idea
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.