Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
owais-khan
New Contributor

Password Enforcement Policy Forticlient VPN Users

Hello Team,

 

I have achieved to Enforced Password Policy for FortiGate Admin users however I am not able to achieve the Password Enforcement Policy for  Forti client VPN Users As any new user came and we create Credentials for Forticleint and type its password so it should restrict me to keep the password as per created policy like 1 number, 1 character 1 should be a string and minimum length should be 12 or 16 so how to enforce, it has been done for Admin users however could not found option for Forti client VPN user creation. Note i am using Free Foriclients not the paid and no EMS as well.

 

Could it be achieve ?

Thanks to the community

Regards

Muhammad Owais Khan

 

2 Solutions
srajeswaran
Staff
Staff

Hi Muhammad,

 

Its not possible to apply this password policy for VPN users. For VPN users, we can apply the policy with below conditions only.

 

FGT-1 (root) # config user password-policy

FGT-1 (password-policy) # edit 1

FGT-1 (1) # set
expire-days Time in days before the user's password expires.
warn-days Time in days before a password expiration warning message is displayed to the user upon login.
expired-password-renewal Enable/disable renewal of a password that already is expired.

FGT-1 (1) # set

 

Or you can use LDAP auth and apply the restrictions on LDAP server.

 

Ref: https://docs.fortinet.com/document/fortigate/7.0.2/administration-guide/544195/ssl-vpn-with-local-us...

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

View solution in original post

owais-khan

Thank you @srajeswaran for sharing the details 

View solution in original post

2 REPLIES 2
srajeswaran
Staff
Staff

Hi Muhammad,

 

Its not possible to apply this password policy for VPN users. For VPN users, we can apply the policy with below conditions only.

 

FGT-1 (root) # config user password-policy

FGT-1 (password-policy) # edit 1

FGT-1 (1) # set
expire-days Time in days before the user's password expires.
warn-days Time in days before a password expiration warning message is displayed to the user upon login.
expired-password-renewal Enable/disable renewal of a password that already is expired.

FGT-1 (1) # set

 

Or you can use LDAP auth and apply the restrictions on LDAP server.

 

Ref: https://docs.fortinet.com/document/fortigate/7.0.2/administration-guide/544195/ssl-vpn-with-local-us...

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
owais-khan

Thank you @srajeswaran for sharing the details 

Labels
Top Kudoed Authors