Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎12-02-2010 01:51 PM

RADIUS Authentication using Microsoft W2K8 NPS

After reading several of the forum post on both Fortinet and Microsoft, I still am not able to get RADIUS authentication from an FLG100B (analyzer) and MS Windows Server 2008 SP2 (not R2). I think I am missing the required fields necessary to validate the admin authentication. *Each device and ping one another *Firewall on the server is disabled *NPS is working for VPN and Dialup access *RADIUS key is eight characters long (attempted with and without special characters) * The default " Use Windows authentication for all users" is present and valid *Referenced http://docs.fortinet.com/fgt/handbook/fortigate-authentication-40-mr2.pdf
2284
0 Kudos
1 Solution
Not applicable

Created on ‎12-03-2010 01:31 PM

[Solved] In Microsoft Windows Server 2K8 NPS you have to have the following setup... * RADIUS Client: Friendly name must be the hostname of the device * Connection Request Policies: Leave all other settings default Condition: User Name (must match the user name on the device Settings: RADIUS Attributes: Vendor Specific: Name: Vendor-Specific Vendor: RADIUS Standard Value: Vendor Code = 12356 Vendor-assigned attribute number = 1 Attribute format: String Attribute Value = <name of the admin group user is assigned to> Value: Vendor Code = 12356 Vendor-assigned attribute number = 2 Attribute format: InetAddr Attribute Value = <IP address of the appliance> Value: Vendor Code = 12356 Vendor-assigned attribute number = 3 Attribute format: String Attribute Value = <name of the admin or virtual domain>

View solution in original post

874
0 Kudos
1 REPLY 1
Not applicable

Created on ‎12-03-2010 01:31 PM

[Solved] In Microsoft Windows Server 2K8 NPS you have to have the following setup... * RADIUS Client: Friendly name must be the hostname of the device * Connection Request Policies: Leave all other settings default Condition: User Name (must match the user name on the device Settings: RADIUS Attributes: Vendor Specific: Name: Vendor-Specific Vendor: RADIUS Standard Value: Vendor Code = 12356 Vendor-assigned attribute number = 1 Attribute format: String Attribute Value = <name of the admin group user is assigned to> Value: Vendor Code = 12356 Vendor-assigned attribute number = 2 Attribute format: InetAddr Attribute Value = <IP address of the appliance> Value: Vendor Code = 12356 Vendor-assigned attribute number = 3 Attribute format: String Attribute Value = <name of the admin or virtual domain>
875
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.