Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mohammedsalhi
New Contributor

Created on ‎10-04-2023 01:11 AM

FAC-WiFi Users connect to SSID without username and password.

Dear team,

 

I have FortiGate configured as a Radius client and FAC as a Radius Server, the SSID use the Radius profiles for domain Wi-Fi authentication, however, it is requested to authenticate the WiFi Domain users without entering their domain credentials when they connect to WIFI SSID which has the Rduais profile defined.

 

it should be authenticated by using machine information.

 

I would appreciate any advice on how to accomplish this.

 

 

Labels:
720
0 Kudos
2 REPLIES 2
rbraha
Staff
Staff

Created on ‎10-04-2023 01:17 AM

Hi @Mohammedsalhi ,please take a look of the below documentation, it might help. 

 

https://docs.fortinet.com/document/fortiauthenticator/6.5.0/cookbook/197391/creating-a-wireless-gues...

713
0 Kudos
ebilcari
Staff
Staff

Created on ‎10-08-2023 03:54 AM

Using EAP-TLS that will use certificates instead of credentials is always preferred as it's more secure but it's also a bit complex to deploy the certificates and configure the supplicant on the end host. In windows setups, GPO can be used to make it transparent to the end user. This can be used both for user or machine authentication.

computer authentication.PNG

If TLS is not feasible for this setup you can use PEAP with machine authentication only. Every domain joined PC will have machine credentials that can be used to authenticate. FortiAuthenticator need to be joined in the domain in order to verify this machine credentials and from the LDAP configuration make sure to also include the OU where the computer accounts resides.

LDAP-PC.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
662
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.