Hello Everyone,
I want to implement 802.1x authentication on wifi users. We have FortiAPs managed by fortigate. I want to use device based authentication with certificate. If certificate exist in laptop/MAC then only users can connect to wifi.
I have gone through some admin guides and threads but it is not clear. Can somebody please reply with steps or document how I can achieve this requirement?
Thanks in advance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
If I'm not wrong FG can be in this case a basic RADIUS server (I see it in my SSID config) but it seems it is so basic so it doesn't support certificate authentication. In this case you may need an external RADIUS server, you will then configure it on FG (User & Device > RADIUS Servers) and use it as RADIUS server in your SSID as authentication server.
Hello @GauravPandya
Please find the guide from Microsoft for host configuration:
https://learn.microsoft.com/en-us/windows-server/networking/technologies/extensible-authentication-p...
Also this article that might help you:
Thanks. It really helps.
We have OKTA server so we will use OKTA as Radius server.
Great,
Happy to help you!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1548 | |
1032 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.