FortiOS 6.2.5
Are there any instructions how to create email or certificate-based 2FA for RADIUS users?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello potapnev,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hello
Any ideas?
You've been given excellent responses already. If you aren't happy with the solution provided using FortiGate as email provider, you need to look at your RADIUS server to provide this functionality.
This would be a function of your RADIUS server. Which RADIUS server are you using.
The FortiGate only acts as a RADIUS client...
1. Email token delivery:
config user local
edit "user1"
set type radius
set two-factor email
set email-to "user1@example.com"
set radius-server "my_radius_server"
next
end
You can also use your custom SMTP server.
2. Certificate based SSL VPN authentication:
In the email token option I'll need to add every user manually? Or it will take emails from radius server for every user?
Hi Jeremy,
every user needs to be manually configured, if the second factor is set on the FortiGate.
If the second factor is set on another server like RADIUS, it will have to be configured there. FortiAuthenticator can import users from LDAP and automatically read the email address of that user, assign FortiToken Mobile and send the FortiToken Mobile activation to the email address that was imported. "Remote user sync rules" are the trick.
Best regards,
Markus
Any examples of configuring 2FA on RADIUS so that it could be used by FortiClient?
Hi Jeremy,
regarding the scenario where FortiAuthenticator will act as radius server you can use the following documentation:
Regards
S
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
229 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.