DescriptionThis article provides the info on RADSEC support for Radius authentication.ScopeFor version 6.2.0.SolutionThe main focus of RADSEC is to provide a means to secure the communication between Radius/TCP peers on the transport layer.
When a RADSEC client connects to FortiAuthenticator through TLS on the specified port, after being decrypted, they are handled by the FortiAuthenticator's RADIUS daemon like standard RADIUS requests via UDP.
RADSEC can be enabled for Radius authentication with below steps,
1) RADSEC service need to be enabled on each FortiAuthenticator network interface individually.
2) Selecting a RADSEC server certificate in Authentication -> RADIUS Service -> Certificates. Certificate can be imported under Certificate Management.
3) The default RADSEC port is 2083 and can be configured in Authentication -> RADIUS Service -> Services.