FAC-WiFi Users connect to SSID without username and password.
I have FortiGate configured as a Radius client and FAC as a Radius Server, the SSID use the Radius profiles for domain Wi-Fi authentication, however, it is requested to authenticate the WiFi Domain users without entering their domain credentials when they connect to WIFI SSID which has the Rduais profile defined.
it should be authenticated by using machine information.
I would appreciate any advice on how to accomplish this.
Using EAP-TLS that will use certificates instead of credentials is always preferred as it's more secure but it's also a bit complex to deploy the certificates and configure the supplicant on the end host. In windows setups, GPO can be used to make it transparent to the end user. This can be used both for user or machine authentication.
If TLS is not feasible for this setup you can use PEAP with machine authentication only. Every domain joined PC will have machine credentials that can be used to authenticate. FortiAuthenticator need to be joined in the domain in order to verify this machine credentials and from the LDAP configuration make sure to also include the OU where the computer accounts resides.
- Emirjon If you have found a solution, please like and accept it to make it easily accessible for others.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.