Hello everyone,
Hi I am setting up a radius server on windows server with Fortigate as a radius client. The main idea is to configure Azure MFA with the NPS extension.
Currently I already have a SSLVPN portal running without problems filtering by AD groups. I have created a Radius server in FG and I have clear the steps, except the radius policies in Windows NPS that must point to the fortigate: I have added a radius client pointing to the IP of the FG, but ...
What should I put as a connection request policy and as a network policy? Thank you
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi
Connection Request Policy you allow a connection from the radius client (the fortigate) to the radius server. So i did a limitation of the client displayname, which i configured as i created the radius client in the nps server.
Authentication PAP
Network Policy is the authorization logic. so i have a condition on a windows Group, and again on the radius client displayname.
Authentication still pap.
However, with active Azure Plugin inthe authentication fails for me, it works without the azure nps plugin.
Otherwise i followed the cookbook from 6.2, i have installed 6.4.4.
edit: fixed with fortninet support.
config sys global set remoteauthtimeout 30 end
Kind regards
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.