Technical Tip: RSA SecurID Ready Implementation Guide
Article
| Description | This article describes that RSA SecurID authentication integrates with RADIUS servers and is supported by the FortiGates.
FortiGates support user authentication to a RADIUS server, among others. It is possible to add the name of a RADIUS server to the FortiGate user database to allow users to authenticate using the selected RADIUS server.
It is possible to disable a user name so that the user cannot authenticate. |
| Products | FortiGates running FortiOS 2.8 and 3.0 firmware. |
| Steps or Commands | To enable authentication, it is necessary to add user names to one or more user groups. It is possible to add RADIUS servers to user groups.
When a user group that contains RADIUS server is selected to authenticate, the RADIUS server goes through the RSA ACE/Server to complete the authentication.
Through RADIUS servers, RSA SecurID authentication applies to the following FortiGate features: - Any firewall policy with Action set to ACCEPT. - IPSec dialup user phase 1 configurations. - XAuth functionality for phase 1 IPSec VPN configurations. - PPTP. - L2TP.
For information on configuring a RADIUS server on a FortiGate, see the FortiGate User Authentication Guide on the Technical Documentation web site. |