Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ceva156
New Contributor

Fortinet Wi-Fi client settings

I'm taking lead on the Windows 10 / macOS client portion of a new Fortinet wireless deployment. I'm used to PEAP with MS-CHAP v2 which I can deploy with Group Policy.

It looks like it's defaulting to EAP-TTLS with MS-CHAP v2. This isn't available in Group Policy, so I tried deploying with Intune. It's showing up as N/A, which I'm investigating with Microsoft support.

What protocols are others using for 802.1x on Fortinet wireless?

https://9apps.ooo/
1 REPLY 1
Markus_M
Staff
Staff

Hi ceva,

 

the EAP methods available depend on the RADIUS server and the RADIUS client. They will negotiate. Upon EAP message from the client in the request, the server will send a challenge. The challenge contains an EAP method.

The client can then respond with that method, if supported or reject it with "NAK" and request a different one. The server can then speak that or... and so on.

The wireless controller or AP do not matter much in terms of EAP.

The methods and negotiation are readable in clear text using wireshark. Capture packets on port 1812 (default) and expand the RADIUS packets to see the EAP messages.

 

Best regards,

 

Markus

Labels
Top Kudoed Authors