Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
vinceneil666
Contributor

FortiGate two factor authentication, sms and ldap

Hi,

I would like my SSL VPN users to have two factor authentication when connecting.

 

I have the VPN working fine with regular LDAP authenticatoin, but when I know want to add the "other factor" ..Im a bit lost.

Do I understand it correctly that within my Fortigate SSL VPN configuration, I am not able to add both my LDAP auth and my RADIUS auth (the radius is my sms thingy..Mideye).

 

I might need to run everything trough a Radius server ( I have a NPS running ) and have the 2factor happen there ? 

 

Its not possible to add both LDAP and RADIUS auth to my SSL config on the fortigate ? or ? 

2 REPLIES 2
Fishbone_FTNT

Hi,

no,  you can't do both RADIUS and LDAP,  Fortigate doesn't have any chained-like authentication.

I guess Mideye has its own RADIUS server which integrates into your LDAP. This RADIUS server should be then used in Fortigate configuration.

This is the way I would investigate.

 

Regards,

Fishbone)(

 

 

smithproxy hacker - www.smithproxy.org

Uwe_Sommerfeld

If I remember correctly the supported second factor for SSL VPN is certificate based only. So trust your personal CA and deliver certificates to the users. 

Labels
Top Kudoed Authors