Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Can we autneticate users with smartcard through Fortigate

Currently we are authenticating users via RSA through Fortigate whenever they access any resources. Can they be authenticated via Smart card, if we have smart cards in our enviornment . Thanks Munit
5 REPLIES 5
romanr
Valued Contributor

Yes u can! Most SmartCard-Authentication is done via a secial radius server -> The Fortigate won' t see wheter it is a normal password or a PIN! Or do you mean by " smartcard" (some people call RSA Cards as smartcards as well!), cards with PKCS11 cert storage? In this case, the client would need to be able to handle that device!! I' m not sure if Forticlient already can handle this kind of device(like the sentinel did)! The FGT would then only handle the cert-based authentication -> this should actually work!
Not applicable

The one thing I can tell you, if you' re referring to RSA tokens, DONT USE FORTICLIENT! It works. But it' s not pretty. Especially when in " new pin mode" . And the Fortinet docs on this suck. We ended up implimenting a Cisco PIX just to do the VPN connections. Fortinet needs to come a long way with interoperability of it' s VPN client/server.
Not applicable

We use ActivCard secure tokens with the forticlient. It works great, no problems.
vanc
New Contributor II

Hi jv, Do you need to apply any hacks to FortiClient to make the VPN go with ActivCard?
Not applicable

No hacks . Very straight . We use FG 800 2.8 MR 11 with radius (only share secret) to our activcard AAA server. Works nice. The ActivCArd server does a ldap lookup to our ActiveDirectory. Next week i will test ActivCard with a FG 60 A 3.0 MR 3 with our activcard server. We use Forticlient 2.0 and 1.2 in production. The first 3.0 vpn client didnt work , the latest worked with our production FG 800 2.8 mr 11.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors