- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
NPS and FortiToken from FAC
Hello,
because the limit of 10 user-groups in our FAC-LIC, i'm looking for a way to use FortiAuthenticator only for 2FA (Token or EMail) verification.
SSLVPN > NPS(User/Group) > FAC(token).
or
SSLVPN > (FAC as Proxy but with Token for LDAP Users is one singe group) > NPS for Groupmembership.
NPS=Windoes NPS
Has anyone an idea how to solve this?
Best regards,
Bastian
- Labels:
-
FortiAuthenticator v5.5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @BastianU
Unfortunately this is not possible to be done with FortiAuthenticator using 2FA method the user database will need to be present on FAC otherwise it cannot validate if the user has token or not to be used as OTP method.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Agreed. FAC is a better RADIUS server than NPS anyways so I would just migrate to FAC completely.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello together,
first of all, thank you very much for your quick answers. But I found something else here.
looks like it will work this way. First tests are successful.
I'll play with it a bit more before I can say that it works really well.