WiFi e LAN authentication using certificate with FreeRadius

Keyrock_IT · ‎05-02-2024

Hello everyone,

I'm looking for guidance on configuring a network authentication scenario using FortiGate and FortiSwitch devices, along with a FreeRADIUS server. Here's my hardware setup:

FortiGate 100F running firmware v7.2.8
FortiSwitch 148F running firmware v7.4.2
FortiAP 231G running firmware v7.4.0
FreeRADIUS server (version 3.0) running in the internal LAN

Authentication Requirements:

I need to authenticate devices (both on WiFi and LAN) using certificates only, without relying on user credentials or MAC address filtering.

Questions:

Is it possible to implement certificate-based authentication in this setup for both LAN and WLAN?
What would be the recommended approach to configure this scenario using FortiGate and FreeRADIUS?

Any guidance, tips, or configuration examples would be greatly appreciated.

Thank you in advance for your help!

hbac · ‎05-03-2024

Hi @Keyrock_IT,

It is possible. You can configure FortiGate to send authentication requests the the RADIUS server. Please refer to this article: https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-Authenticate-to-FortiAP-with-certi...

Regards,

Keyrock_IT · ‎05-06-2024

Thank you for sharing the procedure.

I took a look at the guide, but it appears to reference RADIUS configuration on a Windows server machine. Currently I am using FreeRadius on a Linux machine.

WiFi e LAN authentication using certificate with FreeRadius

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website