Is there a way to send LDAP'd users from the FortiAuthenticator to our Microsoft NPS server for Azure MFA?
If we configure a realm for LDAP and Chain the token authentication with our Microsoft NPS Radius server, when a user connects to the FortiClient the token field appears. From there we type in something random, and it will send to our Radius server.
Is there a way to have it send the to our Radius without having to type in a random token?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
not sure I'm following. It seems to me that sending just anything to NPS gets you authenticated, is that right ?
I thought that chained 2FA is usually there to verify something like RSA token, where precise token OTP code is expected to match what RADIUS server does expect to see in specified time frame.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
My original plan was to have to the FortiAuthenticator be the first authentication. After that 2FA will be from our NPS server, which is setup for our AzureMFA. I spoke with support and I was told that is not possible.
I next thing I wanted to do, import Remote Radius users and added them to a Radius group. From there create a Radius policy for only that Radius group. But I was told that I would have to add every learned radius user individually. So that defeat the automation process.
If there is a way to automate adding Remote Radius users, that would solve all my issues with the FortiAuthenticator. Since all SSL-VPN authentication hit our FortiAuthenticator first, that I were I wanted to stop any unwanted users to pass.
My currently setup is all users get sent to our NPS and the NPS server does the filtering.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1634 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.