Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
CyberFortiConquer
New Contributor III

FortiClient with EMS Cloud and ClearPass for auth

Hi all,

Looking for some help deploying FortiClient with EMS using ClearPass for auth, rather than using AD/Azure directly.

ClearPass is already integrated with AD/InTune and has the required info, can we leverage this info to auth FortiClient VPN users? Anyone got a solution doc that can be shared?

Thanks.

3 REPLIES 3
ebilcari
Staff
Staff

As I know ClearPass can be configured as a RADIUS server. You can configure the FGT to authenticate VPN users via RADIUS as shown in this NPS example.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
CyberFortiConquer
New Contributor III

Thanks, can we also apply posture info that the RADIUS server has onto the VPN client, if it knows about them?

ebilcari

So If I get it right you want to change the RADIUS responses based on posture checks of FCT? You can try to integrate FCT EMS as a MDM if ClearPass supports it.

 

You can also use CP for authentication only and use the FCT EMS tags directly in FGT to block or limit access for non compliant hosts like shown here or here.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors