Hello everyone,
Hi I am setting up a radius server on windows server with Fortigate as a radius client. The main idea is to configure Azure MFA with the NPS extension.
Currently I already have a SSLVPN portal running without problems filtering by AD groups. I have created a Radius server in FG and I have clear the steps, except the radius policies in Windows NPS that must point to the fortigate: I have added a radius client pointing to the IP of the FG, but ...
What should I put as a connection request policy and as a network policy? Thank you
Hi
Connection Request Policy you allow a connection from the radius client (the fortigate) to the radius server. So i did a limitation of the client displayname, which i configured as i created the radius client in the nps server.
Authentication PAP
Network Policy is the authorization logic. so i have a condition on a windows Group, and again on the radius client displayname.
Authentication still pap.
However, with active Azure Plugin inthe authentication fails for me, it works without the azure nps plugin.
Otherwise i followed the cookbook from 6.2, i have installed 6.4.4.
edit: fixed with fortninet support.
config sys global set remoteauthtimeout 30 end
Kind regards
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2678 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.