Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chocolateeater
New Contributor

RADIUS connection interface IP

Hi, everyone.

 

I'm trying to set up RADIUS authentication for FortiClient VPN connections towards two windows domain controllers. I have two of them - the BDC is on premise and the PDC is in AWS (connected through a VPN tunnel).

 

The connection towards the BDC is fine. This is the primary authentication server.

 

When trying to test the connection from the Fortigate towards the AWS instance, I see that the connection is made from the tunnel interface IP. The connection fails, because I have not created any routing and security group inbound rules for the interface IPs in AWS. Is there any way to make the Fortigate make the RADIUS request from the LAN interface IP? That would make the rules much simpler.

 

Regards,

Chocolate Eater

1 Solution
abelio
SuperUser
SuperUser

Hello

Try with 'nas-ip'  and/or 'source ip' depending upon your needs.

 

I mean, with CLI:


config user radius
   set nas-ip  <ip_used_to_connect_to radius server , and Caller-Station_ID attribute>
....
  set source ip <ip_used_to_connect_to radius server>
...

 

end

 

 

 

regards




/ Abel

View solution in original post

regards / Abel
1 REPLY 1
abelio
SuperUser
SuperUser

Hello

Try with 'nas-ip'  and/or 'source ip' depending upon your needs.

 

I mean, with CLI:


config user radius
   set nas-ip  <ip_used_to_connect_to radius server , and Caller-Station_ID attribute>
....
  set source ip <ip_used_to_connect_to radius server>
...

 

end

 

 

 

regards




/ Abel

regards / Abel
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors