| Description |
This article describes how to set up a FortiNAC as Radius Server on FortiGate. |
| Scope | FortiNAC is proxying the radius traffic from FortiGate to FortiAuthenticator. |
| Solution |
The addressing scheme utilized for the demonstration is as follows:
The FortiNAC has been assigned the IP address 10.21.0.18, while the FortiAuthenticator has been assigned the IP address 10.21.0.13.
1) Validate the Radius Setting on FortiNAC as below: - Navigate to the Network section, select Radius, and select the Proxy on the top right corner.
- Add the Radius Server configuration and finally test and Save.
2) Now, add the FortiGate on the FortiNAC below: - Configure a container on FortiNAC, select Inventory, choose Add, and provide the name as FGT_CNT
3) Add FortiGate to this content:
4) Select FGT_CNT and select the Add Tab as below: - The required information needs to be provided: SNMP security String and Fortigate User Credentials.
5) To initiate the process of enabling Radius Authentication, follow these steps: - Locate the FGT_KVM instance, 'right-click' on it, and select 'Model Configuration' from the context menu.
After accessing the 'Model Configuration' by following the previous steps, proceed as follows: - Enter the necessary details: If the FortiNAC (FortiGate Network Access Control) is configured with multiple Radius Servers, choose the desired one. However, for the purpose of this article, only one Radius Server (FortiAuthenticator) will be used.
- Select the 'Radius' option under the Authentication section. Provide the secret that has been configured on the FortiAuthenticator.
6) Testing from FortiGate with User Credentials as below:
 |
